-
Notifications
You must be signed in to change notification settings - Fork 66
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
275c337
commit efb3fdd
Showing
4 changed files
with
221 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
name: Code Checks | ||
on: [push] | ||
permissions: | ||
contents: read | ||
checks: write | ||
jobs: | ||
linting_and_security: | ||
name: Linting and Security | ||
env: | ||
BUNDLE_ENTERPRISE__CONTRIBSYS__COM: ${{ secrets.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }} | ||
runs-on: ubuntu-16-cores-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c | ||
with: | ||
bundler-cache: true | ||
|
||
- name: Run bundle-audit (checks gems for CVE issues) | ||
run: bundle exec bundle-audit check --update --ignore CVE-2024-27456 | ||
|
||
- name: Run Rubocop | ||
run: bundle exec rubocop --parallel --format github | ||
|
||
- name: Run Brakeman | ||
run: bundle exec brakeman --ensure-latest --confidence-level=2 --format github | ||
|
||
tests: | ||
name: Test | ||
env: | ||
BUNDLE_ENTERPRISE__CONTRIBSYS__COM: ${{ secrets.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }} | ||
CI: true | ||
RAILS_ENV: test | ||
TERM: xterm-256color | ||
DOCKER_BUILDKIT: 1 | ||
COMPOSE_DOCKER_CLI_BUILD: 1 | ||
runs-on: ubuntu-16-cores-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- uses: docker/login-action@v3 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USER }} | ||
password: ${{ secrets.DOCKERHUB_PASSWORD }} | ||
|
||
- name: Setup Environment | ||
run: | | ||
echo "VETS_API_USER_ID=$(id -u)" >> $GITHUB_ENV | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v3 | ||
|
||
- name: Build Docker Image | ||
uses: docker/build-push-action@v5 | ||
with: | ||
build-args: | | ||
sidekiq_license=${{ env.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }} | ||
userid=${{ env.VETS_API_USER_ID }} | ||
context: . | ||
target: builder | ||
push: false | ||
load: true | ||
tags: vets-api | ||
cache-from: type=gha | ||
cache-to: type=gha,mode=max | ||
|
||
- name: Setup Database | ||
run: | | ||
docker-compose -f docker-compose.test.yml run vets-api bash \ | ||
-c "CI=true RAILS_ENV=test DISABLE_BOOTSNAP=true parallel_test -n 13 -e 'bin/rails db:reset'" | ||
- name: Run Specs | ||
timeout-minutes: 20 | ||
run: | | ||
docker-compose -f docker-compose.test.yml run vets-api bash \ | ||
-c "CI=true DISABLE_BOOTSNAP=true bundle exec parallel_rspec spec/ modules/ -n 13 -o '--color --tty'" | ||
- name: Upload Coverage Report | ||
uses: actions/upload-artifact@v4 | ||
if: always() | ||
with: | ||
name: Coverage Report | ||
path: coverage | ||
|
||
- name: Upload Test Results | ||
uses: actions/upload-artifact@v4 | ||
if: always() | ||
with: | ||
name: Test Results | ||
path: log/*.xml | ||
if-no-files-found: ignore | ||
|
||
publish_results: | ||
name: Publish Test Results and Coverage | ||
if: always() | ||
needs: [tests] | ||
runs-on: ubuntu-16-cores-latest | ||
|
||
steps: | ||
- uses: actions/download-artifact@v4 | ||
|
||
- name: Publish Test Results to GitHub | ||
uses: EnricoMi/publish-unit-test-result-action@v2 | ||
if: always() | ||
with: | ||
check_name: Test Results | ||
comment_mode: off | ||
files: Test Results/*.xml | ||
github_token: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Fix up coverage report to work with coverage-check-action | ||
run: sed -i 's/"line"/"covered_percent"/g' 'Coverage Report/.last_run.json' | ||
|
||
- name: Publish Coverage Report | ||
uses: devmasx/coverage-check-action@v1.2.0 | ||
if: hashFiles('Coverage Report/.last_run.json') != '' | ||
with: | ||
type: simplecov | ||
result_path: Coverage Report/.last_run.json | ||
min_coverage: 90 | ||
token: ${{ secrets.GITHUB_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
{ | ||
"openapi": "3.0.1", | ||
"info": { | ||
"title": "Benefits Claims", | ||
"version": "v2", | ||
"description": "## Background\n\nThe Benefits Claims API Version 2 lets internal consumers: \n\n- Retrieve existing claim information, including status, by claim ID\n- Automatically establish an Intent To File (21-0966) in VBMS\n- Automatically establish a disability compensation claim (21-526EZ) in VBMS\n- Digitally submit supporting documentation for disability compensation claims\n- Retrieve the active Power of Attorney organization of individual with power of attorney for a Veteran\n- Automatically establish a power of attorney appointment in VBMS for an accredited organization (VA Form 21-22).\n- Automatically establish a power of attorney appointment in VBMS for an accredited individual (VA Form 21-22a).\n\nYou should use the [Benefits Claims API Version 1](https://developer.va.gov/explore/benefits/docs/claims?version=current) if you are a consumer outside of VA and do not have the necessary VA agreements to use this API.\n \n## Technical Overview\n\nThis API accepts a payload of requests and responses with the payload identifying the claim and Veteran. Responses provide the submission’s processing status. Responses also provide a unique ID which can be used with the appropriate GET endpoint to return detailed, end-to-end claims status tracking. \n\nEnd-to-end claims tracking provides the status of claims as they move through the submission process, but does not return whether the claim was approved or denied. \n\n### Claim statuses\n\nClaims are first submitted by this API and then established in Veterans Benefits Management System (VBMS). A 200 response means that the claim was successfully submitted by the API. It does not mean VA has received the claim. Use the appropriate GET endpoint and the ID returned with your submission response to confirm the status of the submission. Statuses are:\n\n- Pending - the claim is successfully submitted for processing\n- Errored - the submission encountered upstream errors\n- Canceled - the claim was identified as a duplicate or another issue caused the claim to be canceled. For duplicate claims, the tracking of the claim's progress happens under a different Claim ID . \n\nOther statuses this API returns align with the [VA.gov](http://va.gov/) [claim status descriptions](https://www.va.gov/resources/what-your-claim-status-means/), which are:\n\n- Claim received\n- Initial review\n- Evidence gathering, review, and decision\n- Preparation for notification\n- Complete\n\n### Finding a Veteran's unique VA ID\n\nThis API uses a unique Veteran identifier to identify the subject of each API request. This Veteran identifier can be retrieved by passing the Veteran’s first name, last name, DOB, and SSN to the ‘/veteran-id’ endpoint. This identifier should then be used as the Veteran ID parameter in request URLs.\n\nNote: though Veteran identifiers are typically static, they may change over time. If a specific Veteran ID suddenly responds with a ‘404 not found’ error, the identifier may have changed. It’s a good idea to periodically check the identifier for each Veteran.\n\n### Authentication and authorization\n\nThe authentication model for the Benefits Claims Version 2 is based on OAuth 2.0 / OpenID Connect and supports the [client credentials grant](https://developer.va.gov/explore/authorization/docs/client-credentials?api=claims).\n\n**Important**: To get production access, you must either work for VA or have specific VA agreements in place. If you have questions, [contact us](https://developer.va.gov/support/contact-us).\n\n### Test data for sandbox environment use\n\nWe use mock [test data in the sandbox environment](https://github.com/department-of-veterans-affairs/vets-api-clients/blob/master/test_accounts.md). Sandbox test data and test users for the Benefits Claims API are valid for all versions of the API.\n" | ||
}, | ||
"tags": [ | ||
{ | ||
"name": "Veteran Identifier", | ||
"description": "Allows authenticated veterans and veteran representatives to retrieve a veteran's id." | ||
}, | ||
{ | ||
"name": "Claims", | ||
"description": "Allows authenticated and authorized users to access claims data for a given Veteran. No data is returned if the user is not authenticated and authorized.\n" | ||
}, | ||
{ | ||
"name": "5103 Waiver", | ||
"description": "Allows authenticated and authorized users to file a 5103 Notice Response on a claim." | ||
}, | ||
{ | ||
"name": "Intent to File", | ||
"description": "Allows authenticated and authorized users to automatically establish an Intent to File (21-0966) in VBMS.\n" | ||
}, | ||
{ | ||
"name": "Disability Compensation Claims", | ||
"description": "Allows authenticated and authorized users to automatically establish a Disability Compensation Claim (21-526EZ) in VBMS\n" | ||
}, | ||
{ | ||
"name": "Power of Attorney", | ||
"description": "Allows authenticated and authorized users to automatically establish power of attorney appointments to an organization or an individual. Organizations and individuals must be VA accredited representatives.\n" | ||
} | ||
], | ||
"components": { | ||
"securitySchemes": { | ||
"bearer_token": { | ||
"type": "http", | ||
"scheme": "bearer", | ||
"bearerFormat": "JWT" | ||
}, | ||
"productionOauth": { | ||
"type": "oauth2", | ||
"description": "This API uses OAuth 2 with the client credential grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/client-credentials)", | ||
"flows": { | ||
"authorizationCode": { | ||
"authorizationUrl": "https://api.va.gov/oauth2/authorization", | ||
"tokenUrl": "https://api.va.gov/oauth2/token", | ||
"scopes": { | ||
"system/claim.read": "Retrieve claim data", | ||
"system/claim.write": "Submit claim data" | ||
} | ||
} | ||
} | ||
}, | ||
"sandboxOauth": { | ||
"type": "oauth2", | ||
"description": "This API uses OAuth 2 with the client credential grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/client-credentials)", | ||
"flows": { | ||
"authorizationCode": { | ||
"authorizationUrl": "https://sandbox-api.va.gov/oauth2/authorization", | ||
"tokenUrl": "https://sandbox-api.va.gov/oauth2/token", | ||
"scopes": { | ||
"system/claim.read": "Retrieve claim data", | ||
"system/claim.write": "Submit claim data" | ||
} | ||
} | ||
} | ||
} | ||
} | ||
}, | ||
"paths": { | ||
}, | ||
"servers": [ | ||
{ | ||
"url": "https://sandbox-api.va.gov/services/claims/{version}", | ||
"description": "VA.gov API sandbox environment", | ||
"variables": { | ||
"version": { | ||
"default": "v2" | ||
} | ||
} | ||
}, | ||
{ | ||
"url": "https://api.va.gov/services/claims/{version}", | ||
"description": "VA.gov API production environment", | ||
"variables": { | ||
"version": { | ||
"default": "v2" | ||
} | ||
} | ||
} | ||
] | ||
} |