Digital service for local authorities to provide updates about capital schemes to Active Travel England.
- Install Python 3.12
- Install Node 20
- Install Docker and Compose plugin
- Install Google Cloud CLI and authenticate using ADCs:
gcloud auth application-default login
- Install Terraform 1.10
- Install Bitwarden CLI
Configure the application's environment variables with the localhost secrets:
bw get notes "UYCS Secrets (Localhost)" > .env
The application can also be configured with the following environment variables:
Name | Value |
---|---|
FLASK_ENV | Application environment name (dev , test or prod ) |
FLASK_SQLALCHEMY_DATABASE_URI | SQLAlchemy database URI |
FLASK_CAPITAL_SCHEMES_DATABASE_URI | SQLAlchemy database URI for capital schemes (unset to use primary database URI) |
FLASK_SECRET_KEY | Flask session secret key |
FLASK_BASIC_AUTH_USERNAME | HTTP Basic Auth username (unset to disable) |
FLASK_BASIC_AUTH_PASSWORD | HTTP Basic Auth password |
FLASK_API_KEY | API key (unset to disable) |
FLASK_GOVUK_CLIENT_ID | OIDC client id |
FLASK_GOVUK_CLIENT_SECRET | OIDC client secret |
FLASK_GOVUK_SERVER_METADATA_URL | OIDC discovery endpoint |
FLASK_GOVUK_TOKEN_ENDPOINT | OIDC token endpoint |
FLASK_GOVUK_PROFILE_URL | OIDC profile URL |
FLASK_GOVUK_END_SESSION_ENDPOINT | OIDC end session endpoint |
-
Create a virtual environment:
python3.12 -m venv --prompt . --upgrade-deps .venv
-
Activate the virtual environment:
source .venv/bin/activate
-
Build the web assets:
npm install && npm run build
-
Install the dependencies:
pip install -e .[dev]
-
Run the server:
make run
To run the server as a container using an in-memory SQLite database:
-
Build the web assets:
npm install && npm run build
-
Build the Docker image:
docker build -t schemes .
-
Run the Docker image:
docker run --rm -it -p 5000:5000 --env-file ./.env schemes
The server can also be run on a different port by specifying the PORT
environment variable:
docker run --rm -it -e PORT=8000 -p 8000:8000 --env-file ./.env schemes
To run the server as a container using a PostgreSQL database:
-
Build the web assets:
npm install && npm run build
-
Run the services:
docker compose up
-
Install the dependencies:
pip install -e .[dev]
-
Run the formatters:
make format
-
Run the linters:
make lint
-
Install the dependencies:
pip install -e .[dev]
-
Install the browsers and their dependencies:
playwright install --with-deps chromium
-
Run the tests:
make test
-
Change directory:
cd cloud/tf-backend
-
Initialise Terraform:
terraform init
-
Apply the changes:
terraform apply
-
Change directory:
cd cloud/docker-repository
-
Initialise Terraform:
terraform init
-
Apply the changes:
terraform apply
-
Obtain the Docker repository service account private key:
terraform output -raw github_action_push_private_key
-
Set the GitHub Actions repository secret
GCP_CREDENTIALS_PUSH
to the private key
For each environment required (dev, test, prod):
-
Change directory:
cd cloud/schemes
-
Initialise Terraform:
terraform init
-
Create a Terraform workspace for the environment:
terraform workspace new $ENVIRONMENT
-
Apply the changes:
terraform apply
-
This will fail due to missing secrets. Now that the Secret Manager service has been enabled, create the secrets then repeat the previous step:
bw get notes "UYCS Secrets ($ENVIRONMENT)" | sh
-
Obtain the Cloud Run service account private key:
terraform output -raw github_action_deploy_private_key
-
Set the GitHub Actions environment secret
GCP_CREDENTIALS_DEPLOY
to the private key -
Open the output
url
To manually redeploy the Cloud Run service using the latest image in the Docker repository:
gcloud run deploy schemes \
--project dft-schemes-$ENVIRONMENT \
--region europe-west1 \
--image europe-west1-docker.pkg.dev/dft-schemes-common/docker/schemes
We have registered the following services with GOV.UK One Login:
- Service name: ATE Schemes (Dev)
- Service redirect URLs: https://dev.update-your-capital-schemes.activetravelengland.gov.uk/auth, http://127.0.0.1:5000/auth
- Service contact email address: [email protected]
- Scopes: openid email
- Public key: (see "UYCS GOV.UK One Login Public Key (Dev)" in Bitwarden)
- Logout URLs: https://dev.update-your-capital-schemes.activetravelengland.gov.uk/, http://127.0.0.1:5000/
- Sector identifier URI: https://dev.update-your-capital-schemes.activetravelengland.gov.uk
- Service name: ATE Schemes (Test)
- Service redirect URLs: https://test.update-your-capital-schemes.activetravelengland.gov.uk/auth
- Service contact email address: [email protected]
- Scopes: openid email
- Public key: (see "UYCS GOV.UK One Login Public Key (Test)" in Bitwarden)
- Logout URLs: https://test.update-your-capital-schemes.activetravelengland.gov.uk/
- Sector identifier URI: https://test.update-your-capital-schemes.activetravelengland.gov.uk
- Service name: Update your capital schemes
- Service redirect URLs: https://update-your-capital-schemes.activetravelengland.gov.uk/auth
- Service contact email address: [email protected]
- Scopes: openid email
- Public key: (see "UYCS GOV.UK One Login Public Key (Prod)" in Bitwarden)
- Logout URLs: https://update-your-capital-schemes.activetravelengland.gov.uk/
- Sector identifier URI: https://update-your-capital-schemes.activetravelengland.gov.uk