Merge pull request #2 from MeasureAuthoringTool/main

Fixing Merges

.dockerignore

@@ -0,0 +1,5 @@
+Dockerfile
+.dockerignore
+node_modules
+npm-debug.log
+dist

.github/CODEOWNERS

@@ -0,0 +1,2 @@
+# Code owners:
+* @MeasureAuthoringTool/madie-developers

.github/pull_request_template.md

@@ -0,0 +1,27 @@
+## MADiE PR
+
+Jira Ticket: [MAT-0000](https://jira.cms.gov/browse/MAT-0000)
+(Optional) Related Tickets:
+
+### Summary
+
+### All Submissions
+* [ ] This PR has the JIRA linked.
+* [ ] Required tests are included.
+* [ ] No extemporaneous files are included (i.e Complied files or testing results).
+* [ ] This PR is merging into the **correct branch**.
+* [ ] All Documentation needed for this PR is Complete (or noted in a TODO or other Ticket).
+* [ ] Any breaking changes or failing automations are noted by placing a comment on this PR.
+
+### DevSecOps
+If there is a question if this PR has a security or infrastructure impact, please contact the Security or DevOps engineer assigned to this project to discuss it further.
+
+* [ ] This PR has NO significant security impact (i.e Changing auth methods, Adding a new user type, Adding a required but vulnerable package).
+* [ ] All CDN/Web dependencies are hosted internally (i.e MADiE-Root Repo).
+
+### Reviewers
+By Approving this PR you are attesting to the following:
+
+*  Code is maintainable and reusable, reuses existing code and infrastructure where appropriate, and accomplishes the task’s purpose.
+*  The tests appropriately test the new code, including edge cases.
+*  If you have any concerns they are brought up either to the developer assigned, security engineer, or leads.

.github/workflows/gitleaks.yml

@@ -0,0 +1,29 @@
+# @format
+
+name: Github Secrets Scanner
+
+on: [push]
+
+jobs:
+  gitleaks_scan:
+    runs-on: ubuntu-latest
+    env:
+      REPO: https://github.com/MeasureAuthoringTool/excel-export
+      REMOTE_EXCLUDES_URL: https://raw.githubusercontent.com/semanticbits/bmat-gitleaks-automation/master/madie-measure/gitleaks.toml
+      GITLEAKS_VERSION: v7.5.0
+    steps:
+      - name: Execute Gitleaks
+        run: |
+          wget ${REMOTE_EXCLUDES_URL} -O gitleaks.toml
+          wget https://github.com/zricethezav/gitleaks/releases/download/${GITLEAKS_VERSION}/gitleaks-linux-amd64 -O gitleaks
+          chmod +x gitleaks
+          echo ${GITHUB_SHA}
+          echo "gitleaks --repo-url=${REPO} -v --redact --commit=${GITHUB_SHA} --config-path=gitleaks.toml"
+          ./gitleaks --repo-url=${REPO} -v --redact --commit=${GITHUB_SHA} --config-path=gitleaks.toml
+      - name: Slack notification
+        if: failure()
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+        uses: Ilshidur/action-slack@master
+        with:
+          args: "Potential Secrets found in: https://github.com/{{ GITHUB_REPOSITORY }}/commit/{{ GITHUB_SHA }} Link to build with full gitleaks output: https://github.com/{{ GITHUB_REPOSITORY }}/commit/{{ GITHUB_SHA }}/checks"

.github/workflows/unit_test_coverage.yml

@@ -0,0 +1,100 @@
+# This workflow will do the following:
+# - perform a clean install of node dependencies
+# - lint the source code for errors
+# - build the source code
+# - run tests and capture code coverage
+# - run end-to-end tests
+# - upload the code coverage report to Codacy
+# - upload the code coverage report to Codecov
+
+name: Continuous Integration
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+
+jobs:
+  build:
+    name: Checkout, install, lint, build and test with coverage
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Use Node.js 20.x
+        uses: actions/setup-node@v3
+        with:
+          node-version: 20.x
+
+      - name: Cache node modules
+        uses: actions/cache@v3
+        env:
+          cache-name: cache-node-modules
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-build-${{ env.cache-name }}-
+            ${{ runner.os }}-build-
+            ${{ runner.os }}-
+
+      - name: Install node dependencies
+        run: npm ci
+
+      - name: Audit dependencies for security vulnerabilities
+        run: npm audit --production
+
+      - name: Lint the source code
+        run: npm run-script lint
+
+      - name: Check prettier formatting
+        run: npm run-script format
+
+      - name: Build the source code
+        run: npm run build
+
+      - name: Execute test coverage
+        run: npm run-script test:cov
+
+      - name: Store the coverage report as an artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: coverage
+          path: coverage/lcov.info
+
+  upload-codacy-coverage:
+    name: Upload code coverage to Codacy
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Download coverage artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: coverage
+
+      - name: Upload code coverage to Codacy
+        uses: codacy/codacy-coverage-reporter-action@master
+        with:
+          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+          coverage-reports: lcov.info
+
+  upload-codecov-coverage:
+    name: Upload code coverage to Codecov
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Download coverage artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: coverage
+
+      - name: Upload code coverage to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          file: lcov.info
+          fail_ci_if_error: true

.gitignore

@@ -2,6 +2,7 @@
 /dist
 /node_modules
 /build
+*~
 
 # Logs
 logs

Dockerfile

@@ -0,0 +1,20 @@
+# Base image
+FROM node:18
+
+# Create app directory
+WORKDIR /usr/src/app
+
+# A wildcard is used to ensure both package.json AND package-lock.json are copied
+COPY package*.json ./
+
+# Install app dependencies
+RUN npm install
+
+# Bundle app source
+COPY . .
+
+# Creates a "dist" folder with the production build
+RUN npm run build
+
+# Start the server using the production build
+CMD [ "node", "dist/main.js" ]

README.md

@@ -24,7 +24,7 @@
 
 ## Description
 
-[Nest](https://github.com/nestjs/nest) framework TypeScript starter repository.
+[Nest](https://github.com/nestjs/nest) framework Application for hosting a Excel Export service for MADiE 
 
 ## Installation
 
@@ -58,16 +58,6 @@ $ npm run test:e2e
 $ npm run test:cov
 ```
 
-## Support
-
-Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please [read more here](https://docs.nestjs.com/support).
-
-## Stay in touch
-
-- Author - [Kamil Myśliwiec](https://kamilmysliwiec.com)
-- Website - [https://nestjs.com](https://nestjs.com/)
-- Twitter - [@nestframework](https://twitter.com/nestframework)
-
-## License
-
-Nest is [MIT licensed](LICENSE).
+## Docker
+Dockerfile and docker-compose
+```docker compose down --remove-orphans && docker volume prune && docker compose build --no-cache && docker compose up --force-recreate```

docker-compose.yml

@@ -0,0 +1,18 @@
+version: '3.9'
+
+services:
+
+  app:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: excel-export
+    environment:
+      - PORT=3000
+      - JWT_SECRET=${JWT_SECRET}      
+    ports:
+      - '3000:3000'    
+    volumes:
+      - /dist
+
+

example.env

@@ -0,0 +1,5 @@
+# The structure of a user's .env file will differ based on whether
+# they are using it through docker-compose, or directly via node
+
+# The following attributes are common, regardless of approach:
+JWT_SECRET=ThisIsMySecret