From efb3fddbe48b1fa19373e107e1adb099873d9708 Mon Sep 17 00:00:00 2001 From: RachalCassity Date: Fri, 26 Apr 2024 10:27:27 -0500 Subject: [PATCH] Fixed merge conflict --- .github/workflows/code_checks.yml | 121 ++++++++++++++++++ .github/workflows/income-limits-data-sync.yml | 2 +- Dockerfile | 7 +- .../app/swagger/claims_api/v2/swagger.json | 93 ++++++++++++++ 4 files changed, 221 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/code_checks.yml create mode 100644 modules/claims_api/app/swagger/claims_api/v2/swagger.json diff --git a/.github/workflows/code_checks.yml b/.github/workflows/code_checks.yml new file mode 100644 index 00000000000..1361e44f06d --- /dev/null +++ b/.github/workflows/code_checks.yml @@ -0,0 +1,121 @@ +name: Code Checks +on: [push] +permissions: + contents: read + checks: write +jobs: + linting_and_security: + name: Linting and Security + env: + BUNDLE_ENTERPRISE__CONTRIBSYS__COM: ${{ secrets.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }} + runs-on: ubuntu-16-cores-latest + steps: + - uses: actions/checkout@v4 + + - uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c + with: + bundler-cache: true + + - name: Run bundle-audit (checks gems for CVE issues) + run: bundle exec bundle-audit check --update --ignore CVE-2024-27456 + + - name: Run Rubocop + run: bundle exec rubocop --parallel --format github + + - name: Run Brakeman + run: bundle exec brakeman --ensure-latest --confidence-level=2 --format github + + tests: + name: Test + env: + BUNDLE_ENTERPRISE__CONTRIBSYS__COM: ${{ secrets.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }} + CI: true + RAILS_ENV: test + TERM: xterm-256color + DOCKER_BUILDKIT: 1 + COMPOSE_DOCKER_CLI_BUILD: 1 + runs-on: ubuntu-16-cores-latest + steps: + - uses: actions/checkout@v4 + + - uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Setup Environment + run: | + echo "VETS_API_USER_ID=$(id -u)" >> $GITHUB_ENV + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build Docker Image + uses: docker/build-push-action@v5 + with: + build-args: | + sidekiq_license=${{ env.BUNDLE_ENTERPRISE__CONTRIBSYS__COM }} + userid=${{ env.VETS_API_USER_ID }} + context: . + target: builder + push: false + load: true + tags: vets-api + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Setup Database + run: | + docker-compose -f docker-compose.test.yml run vets-api bash \ + -c "CI=true RAILS_ENV=test DISABLE_BOOTSNAP=true parallel_test -n 13 -e 'bin/rails db:reset'" + + - name: Run Specs + timeout-minutes: 20 + run: | + docker-compose -f docker-compose.test.yml run vets-api bash \ + -c "CI=true DISABLE_BOOTSNAP=true bundle exec parallel_rspec spec/ modules/ -n 13 -o '--color --tty'" + + - name: Upload Coverage Report + uses: actions/upload-artifact@v4 + if: always() + with: + name: Coverage Report + path: coverage + + - name: Upload Test Results + uses: actions/upload-artifact@v4 + if: always() + with: + name: Test Results + path: log/*.xml + if-no-files-found: ignore + + publish_results: + name: Publish Test Results and Coverage + if: always() + needs: [tests] + runs-on: ubuntu-16-cores-latest + + steps: + - uses: actions/download-artifact@v4 + + - name: Publish Test Results to GitHub + uses: EnricoMi/publish-unit-test-result-action@v2 + if: always() + with: + check_name: Test Results + comment_mode: off + files: Test Results/*.xml + github_token: ${{ secrets.GITHUB_TOKEN }} + + - name: Fix up coverage report to work with coverage-check-action + run: sed -i 's/"line"/"covered_percent"/g' 'Coverage Report/.last_run.json' + + - name: Publish Coverage Report + uses: devmasx/coverage-check-action@v1.2.0 + if: hashFiles('Coverage Report/.last_run.json') != '' + with: + type: simplecov + result_path: Coverage Report/.last_run.json + min_coverage: 90 + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/income-limits-data-sync.yml b/.github/workflows/income-limits-data-sync.yml index efafea3ab3c..8d9ff622431 100644 --- a/.github/workflows/income-limits-data-sync.yml +++ b/.github/workflows/income-limits-data-sync.yml @@ -15,7 +15,7 @@ jobs: income_limits_data_sync: runs-on: self-hosted container: - image: public.ecr.aws/docker/library/ruby:3.2.2-bullseye + image: public.ecr.aws/docker/library/ruby:3.2.4-bullseye env: SSL_CERT_FILE: /etc/ssl/certs/ca-certificates.crt NODE_EXTRA_CA_CERTS: /etc/ssl/certs/ca-certificates.crt diff --git a/Dockerfile b/Dockerfile index 2d403bc889e..4557a98b9ff 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,9 @@ -FROM ruby:3.2.4-slim-bookworm AS rubyimg +FROM ruby:3.2.4-slim-bookworm as rubyimg + +# XXX: using stretch here for pdftk dep, which is not availible after +# stretch (or in alpine) and is switched automatically to pdftk-java in buster +# https://github.com/department-of-veterans-affairs/va.gov-team/issues/3032 + FROM rubyimg AS modules WORKDIR /tmp diff --git a/modules/claims_api/app/swagger/claims_api/v2/swagger.json b/modules/claims_api/app/swagger/claims_api/v2/swagger.json new file mode 100644 index 00000000000..9c644671432 --- /dev/null +++ b/modules/claims_api/app/swagger/claims_api/v2/swagger.json @@ -0,0 +1,93 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "Benefits Claims", + "version": "v2", + "description": "## Background\n\nThe Benefits Claims API Version 2 lets internal consumers: \n\n- Retrieve existing claim information, including status, by claim ID\n- Automatically establish an Intent To File (21-0966) in VBMS\n- Automatically establish a disability compensation claim (21-526EZ) in VBMS\n- Digitally submit supporting documentation for disability compensation claims\n- Retrieve the active Power of Attorney organization of individual with power of attorney for a Veteran\n- Automatically establish a power of attorney appointment in VBMS for an accredited organization (VA Form 21-22).\n- Automatically establish a power of attorney appointment in VBMS for an accredited individual (VA Form 21-22a).\n\nYou should use the [Benefits Claims API Version 1](https://developer.va.gov/explore/benefits/docs/claims?version=current) if you are a consumer outside of VA and do not have the necessary VA agreements to use this API.\n \n## Technical Overview\n\nThis API accepts a payload of requests and responses with the payload identifying the claim and Veteran. Responses provide the submission’s processing status. Responses also provide a unique ID which can be used with the appropriate GET endpoint to return detailed, end-to-end claims status tracking. \n\nEnd-to-end claims tracking provides the status of claims as they move through the submission process, but does not return whether the claim was approved or denied. \n\n### Claim statuses\n\nClaims are first submitted by this API and then established in Veterans Benefits Management System (VBMS). A 200 response means that the claim was successfully submitted by the API. It does not mean VA has received the claim. Use the appropriate GET endpoint and the ID returned with your submission response to confirm the status of the submission. Statuses are:\n\n- Pending - the claim is successfully submitted for processing\n- Errored - the submission encountered upstream errors\n- Canceled - the claim was identified as a duplicate or another issue caused the claim to be canceled. For duplicate claims, the tracking of the claim's progress happens under a different Claim ID . \n\nOther statuses this API returns align with the [VA.gov](http://va.gov/) [claim status descriptions](https://www.va.gov/resources/what-your-claim-status-means/), which are:\n\n- Claim received\n- Initial review\n- Evidence gathering, review, and decision\n- Preparation for notification\n- Complete\n\n### Finding a Veteran's unique VA ID\n\nThis API uses a unique Veteran identifier to identify the subject of each API request. This Veteran identifier can be retrieved by passing the Veteran’s first name, last name, DOB, and SSN to the ‘/veteran-id’ endpoint. This identifier should then be used as the Veteran ID parameter in request URLs.\n\nNote: though Veteran identifiers are typically static, they may change over time. If a specific Veteran ID suddenly responds with a ‘404 not found’ error, the identifier may have changed. It’s a good idea to periodically check the identifier for each Veteran.\n\n### Authentication and authorization\n\nThe authentication model for the Benefits Claims Version 2 is based on OAuth 2.0 / OpenID Connect and supports the [client credentials grant](https://developer.va.gov/explore/authorization/docs/client-credentials?api=claims).\n\n**Important**: To get production access, you must either work for VA or have specific VA agreements in place. If you have questions, [contact us](https://developer.va.gov/support/contact-us).\n\n### Test data for sandbox environment use\n\nWe use mock [test data in the sandbox environment](https://github.com/department-of-veterans-affairs/vets-api-clients/blob/master/test_accounts.md). Sandbox test data and test users for the Benefits Claims API are valid for all versions of the API.\n" + }, + "tags": [ + { + "name": "Veteran Identifier", + "description": "Allows authenticated veterans and veteran representatives to retrieve a veteran's id." + }, + { + "name": "Claims", + "description": "Allows authenticated and authorized users to access claims data for a given Veteran. No data is returned if the user is not authenticated and authorized.\n" + }, + { + "name": "5103 Waiver", + "description": "Allows authenticated and authorized users to file a 5103 Notice Response on a claim." + }, + { + "name": "Intent to File", + "description": "Allows authenticated and authorized users to automatically establish an Intent to File (21-0966) in VBMS.\n" + }, + { + "name": "Disability Compensation Claims", + "description": "Allows authenticated and authorized users to automatically establish a Disability Compensation Claim (21-526EZ) in VBMS\n" + }, + { + "name": "Power of Attorney", + "description": "Allows authenticated and authorized users to automatically establish power of attorney appointments to an organization or an individual. Organizations and individuals must be VA accredited representatives.\n" + } + ], + "components": { + "securitySchemes": { + "bearer_token": { + "type": "http", + "scheme": "bearer", + "bearerFormat": "JWT" + }, + "productionOauth": { + "type": "oauth2", + "description": "This API uses OAuth 2 with the client credential grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/client-credentials)", + "flows": { + "authorizationCode": { + "authorizationUrl": "https://api.va.gov/oauth2/authorization", + "tokenUrl": "https://api.va.gov/oauth2/token", + "scopes": { + "system/claim.read": "Retrieve claim data", + "system/claim.write": "Submit claim data" + } + } + } + }, + "sandboxOauth": { + "type": "oauth2", + "description": "This API uses OAuth 2 with the client credential grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/client-credentials)", + "flows": { + "authorizationCode": { + "authorizationUrl": "https://sandbox-api.va.gov/oauth2/authorization", + "tokenUrl": "https://sandbox-api.va.gov/oauth2/token", + "scopes": { + "system/claim.read": "Retrieve claim data", + "system/claim.write": "Submit claim data" + } + } + } + } + } + }, + "paths": { + }, + "servers": [ + { + "url": "https://sandbox-api.va.gov/services/claims/{version}", + "description": "VA.gov API sandbox environment", + "variables": { + "version": { + "default": "v2" + } + } + }, + { + "url": "https://api.va.gov/services/claims/{version}", + "description": "VA.gov API production environment", + "variables": { + "version": { + "default": "v2" + } + } + } + ] +} \ No newline at end of file