Converting Rails config to railsconfig (#823)

* Converting Rails config to railsconfig

.gitignore

@@ -38,3 +38,7 @@ config/application.yml
 
 # Ignore .DS_Store
 .DS_Store
+
+config/settings.local.yml
+config/settings/*.local.yml
+config/environments/*.local.yml

Gemfile

@@ -13,6 +13,7 @@ gem 'virtus'
 #emphasize this is an api only app
 gem 'rails-api'
 gem 'figaro'
+gem 'config'
 gem 'pg'
 gem 'json-schema'
 gem 'active_model_serializers', '~> 0.10.0'

Gemfile.lock

@@ -99,13 +99,17 @@ GEM
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
     concurrent-ruby (1.0.2)
+    config (1.4.0)
+      activesupport (>= 3.0)
+      deep_merge (~> 1.1.1)
     connection_pool (2.2.0)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
     date_validator (0.9.0)
       activemodel
       activesupport
     debug_inspector (0.0.2)
+    deep_merge (1.1.1)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
     diff-lcs (1.2.5)
@@ -402,6 +406,7 @@ DEPENDENCIES
   carrierwave (~> 0.11)
   carrierwave-aws
   climate_control (= 0.0.3)
+  config
   date_validator
   factory_girl_rails
   faker

Jenkinsfile

@@ -1,37 +1,3 @@
-def env_vars = [
-    'RAILS_ENV=test',
-    'HOSTNAME=www.example.com',
-    'SAML_CERTIFICATE_FILE=spec/support/certificates/ruby-saml.crt',
-    'SAML_KEY_FILE=spec/support/certificates/ruby-saml.key',
-    'SAML_RELAY=http://localhost:3001/auth/login/callback',
-    'SAML_LOGOUT_RELAY=http://localhost:3001/logout',
-    'REDIS_HOST=localhost',
-    'REDIS_PORT=6379',
-    'MHV_HOST=https://mhv-api.example.com',
-    'MHV_APP_TOKEN=fake-app-token',
-    'DB_ENCRYPTION_KEY=f01ff8ebd1a2b053ad697ae1f0d86adb48ebb708021e4c76c3807d37f6b4e389d5aa45ea171f2f5074222784c1ee2bb8272390d1b9517a7a6987c22733ef00b2',
-    'MHV_SM_HOST=https://mhv-api.example.com',
-    'MHV_SM_APP_TOKEN=fake-app-token',
-    'GIDS_URL=https://dev.vets.gov/gids',
-    'EVSS_BASE_URL=https://test.vets.gov',
-    'EVSS_SAMPLE_CLAIMANT_USER={"uuid": "1234", "first_name": "Jane", "last_name":"Doe", "edipi": "1105051936", "participant_id": "123456789"}',
-    'MVI_URL=http://www.example.com/',
-    'MVI_OPEN_TIMEOUT=2',
-    'MVI_TIMEOUT=10',
-    'MVI_CLIENT_CERT_PATH=/fake/client/cert/path',
-    'MVI_CLIENT_KEY_PATH=/fake/client/key/path',
-    'MVI_PROCESSING_CODE=T',
-    'EVSS_S3_UPLOADS=false',
-    'VHA_MAPSERVER_URL=https://services3.arcgis.com/aqgBd3l68G8hEFFE/ArcGIS/rest/services/VHA_Facilities/FeatureServer/0',
-    'NCA_MAPSERVER_URL=https://services3.arcgis.com/aqgBd3l68G8hEFFE/ArcGIS/rest/services/NCA_Facilities/FeatureServer/0',
-    'VBA_MAPSERVER_URL=https://services3.arcgis.com/aqgBd3l68G8hEFFE/ArcGIS/rest/services/VBA_Facilities/FeatureServer/0',
-    'MOCK_MVI_SERVICE=false',
-    'GOV_DELIVERY_SERVER=stage-tms.govdelivery.com',
-    'ES_URL=https://test.vets.gov',
-    'ES_CLIENT_CERT_PATH=/fake/client/cert/path',
-    'ES_CLIENT_KEY_PATH=/fake/client/key/path'
-]
-
 pipeline {
   agent {
     label 'vets-api-linting'
@@ -46,7 +12,7 @@ pipeline {
     stage('Run tests') {
       steps {
         sh 'bash --login -c "bundle install --without development -j 4"'
-        withEnv(env_vars) {
+        withEnv(['RAILS_ENV=test']) {
           sh 'bash --login -c "bundle exec rake db:create db:schema:load ci"'
         }
       }
@@ -59,7 +25,7 @@ pipeline {
         }
       }
 
-      steps { 
+      steps {
         build job: 'vets-review-instance-deploy', parameters: [
           stringParam(name: 'devops_branch', value: 'master'),
           stringParam(name: 'api_branch', value: env.BRANCH_NAME),

README.md

@@ -3,58 +3,77 @@
 This project provides common APIs for applications that live on vets.gov.
 
 ## Developer Setup
-Vets-api requires:
-- postgres
+
+Vets API requires:
+- PostgreSQL
 - Redis
-- rails server
+- Ruby 2.3
 
 ### Base Setup
 
-To start, fetch this code: `git clone https://github.com/department-of-veterans-affairs/vets-api.git`
+To start, fetch this code:
+
+`git clone https://github.com/department-of-veterans-affairs/vets-api.git`
 
-#### Automated
+#### Automated (OSX)
 
-*From the `vets-api` directory, run `./bin/setup-osx && source ~/.bash_profile && cd .` if you're on a mac. It will ensure that you have all development dependencies setup*
+If you are developing on OSX, you can run the automated setup script. From
+the `vets-api` directory, run `./bin/setup-osx && source ~/.bash_profile && cd .`
 
-#### Alternative
-1. Install Ruby 2.3. (It is suggested to use a Ruby version manager such as [rbenv](https://github.com/rbenv/rbenv#installation) and then to [install Ruby 2.3](https://github.com/rbenv/rbenv#installing-ruby-versions)).
-*Note*: rbenv will also provide additional installation instructions in the console output. Make sure to follow those too.
-1. Install Bundler to manage dependencies: `gem install bundler`
-1. Install Postgres (on Mac): `brew install postgres`
+#### Alternative (OSX)
 
-1. Install Redis (on Mac): `brew install redis`
+1. Install Ruby 2.3.
+  - It is suggested that you use a Ruby version manager such as
+    [rbenv](https://github.com/rbenv/rbenv#installation) and
+    [install Ruby 2.3](https://github.com/rbenv/rbenv#installing-ruby-versions).
+  - *NOTE*: rbenv will also provide additional installation instructions in the
+    console output. Make sure to follow those too.
+1. Install Bundler to manage dependencies
+  - `gem install bundler`
+1. Install Postgres and enable on startup
+  - `brew install postgres`
+  - `brew services start postgres`
+1. Install Redis
+  - `brew install redis`
+  - Follow post-install instructions to enable Redis on startup. Otherwise,
+    launch it manually with `brew services start redis`.
 1. Install gem dependencies: `cd vets-api; bundle install`
 1. Install overcommit `overcommit --install --sign`
-1. Create a application.yml `cat ./config/application.yml.example > ./config/application.yml`
 1. Setup localhost certificates / keys
-  - Create a hidden folder in home directory:  `mkdir ~/.certs`
-  - Copy the [certificate](https://github.com/department-of-veterans-affairs/vets.gov-team/blob/master/Products/Identity/Identity%20Discovery%202016/certificates/vetsgov-localhost.crt) to ~/.certs
-  - Copy the [key](https://github.com/department-of-veterans-affairs/vets.gov-team/blob/master/Products/Identity/Identity%20Discovery%202016/certificates/vetsgov-localhost.key) to ~/.certs
+  - Create a hidden folder in your home directory:  `mkdir ~/.certs`
+  - Copy the [certificate][certificate] to `~/.certs/vetsgov-localhost.crt`
+  - Copy the [key][key] to `~/.certs/vetsgov-localhost.key`
+  - *NOTE*: If you don't have access to these keys, running the following
+    commands will provide basic functionality, such as for running unit tests:
+  - `touch ~/.certs/vetsgov-localhost.crt`
+  - `touch ~/.certs/vetsgov-localhost.key`
+1. Create dev database: `bundle exec rake db:setup`
 
 
-##### Database Setup
-1. Start Postgres: `brew services start postgres`
-1. Create dev database: `bundle exec rake db:setup`
+[certificate]: https://github.com/department-of-veterans-affairs/vets.gov-team/blob/master/Products/Identity/Identity%20Discovery%202016/certificates/vetsgov-localhost.crt
+[key]: https://github.com/department-of-veterans-affairs/vets.gov-team/blob/master/Products/Identity/Identity%20Discovery%202016/certificates/vetsgov-localhost.key
 
-##### Redis Setup
-You will need to specify the following environment variables in `application.yml`:
-```
-REDIS_HOST
-REDIS_PORT
-```
+### Configuration
 
-For an example, see `application.yml.example`
+Vets API is configured with [Config](https://github.com/railsconfig/config). The
+default configuration is contained in [settings.yml](config/settings.yml). To
+customize your setup, you can create a `config/settings.local.yml` file with
+configuration specific to your needs. For example, to configure Redis and
+PostgreSQL, place something like this in that file:
 
-1. Follow post install instructions
-  - always have Redis running as service
-  - manually launch Redis `brew services start redis`
-1. Set the environment variables above according to your Redis configuration
+```yaml
+database_url: postgres://pg_host:9999/custom_db
 
+redis:
+  host: redis_host
+  port: 9999
+```
+
+This is also where you will place any other customizations, such as API tokens
+or certificate paths.
 
-*Note*: If you encounter `Redis::CannotConnectError: Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)`
-this is a sign that redis is not currently running or `config/redis.yml` is not using correct host and port.
-Tra
 ### Optional Application Configuration
+
 The following features require additional configuration, click for details.
 - [Authentication with ID.me](/docs/setup/authentication_with_idme.md)
 - [EVSS](/docs/setup/evss.md)
@@ -63,49 +82,68 @@ The following features require additional configuration, click for details.
 - [Education Benefits](/docs/setup/edu_benefits.md)
 - [Master Veteran Index (MVI)](/docs/setup/mvi.md)
 
-Vets-api will still run in a limited capacity without configuring any of the features.
+Vets API will still run in a limited capacity without configuring any of these
+features, and will run the unit tests successfully.
 
 ## Running the App
-Manually run each:
 
-1. `postgres -D /usr/local/var/postgres`
-1. `redis-server /usr/local/etc/redis.conf`
-1. `bundle exec rails server` from <GITHUB_HOME>/vets-api/
+From within the cloned repo directory, you can run this command to run
+`vets-api`:
+
+```
+bundle exec rails server
+```
 
-#### Running the App with Foreman
-1. Start the application: `bundle exec foreman start`
-1. Navigate to <http://localhost:3000/v0/status> in your browser.
+You can also run `vets-api` with Foreman:
+
+```
+bundle exec foreman start
+```
+
+You should then be able to navigate to http://localhost:3000/v0/status in your
+browser and start interacting with the API.
 
 ### Testing Commands
+
 - `bundle exec rake lint` - Run the full suite of linters on the codebase.
-- `bundle exec guard` - Runs the guard test server that reruns your tests after files are saved. Useful for TDD!
+- `bundle exec guard` - Runs the guard test server that reruns your tests after
+  files are saved. Useful for TDD!
 - `bundle exec rake security` - Run the suite of security scanners on the codebase.
 - `bundle exec rake ci` - Run all build steps performed in CI.
 
 ## Deployment Instructions
 
-Ansible templates and instructions for deploying are in the [devops repo](https://github.com/department-of-veterans-affairs/devops/tree/master/ansible). The `app_name` for this project is `platform-api`. After deploying, you can check that the right version was deployed with:
-```
-https://dev-api.vets.gov/v0/status
-```
+Jenkins deploys `vets-api` upon each merge to `master`:
+
+http://jenkins.vetsgov-internal/job/department-of-veterans-affairs/job/vets-api/job/master/
 
-There is also a [jenkins build](https://dev.vets.gov/jenkins/job/vets_gov_deploy_all/) that will deploy all the apps in a certain environment.
+Each deploy is available here:
+
+https://dev-api.vets.gov/v0/status
 
 ## API Request key formatting
 
-When sending HTTP requests use the `X-Key-Inflection` request header to specify which case your client wants to use. Valid cases are `camel`, `dash`, and `snake`. For example if you set `X-Key-Inflection: camel` then you can use camelCase keys in your JSON request body and you will get back data with camelCase keys in the response body. If the header is not provided then the server will expect snake_case keys in the request body and output snake_case in the response.
+When sending HTTP requests use the `X-Key-Inflection` request header to specify
+which case your client wants to use. Valid cases are `camel`, `dash`, and
+`snake`. For example if you set `X-Key-Inflection: camel` then you can use
+camelCase keys in your JSON request body and you will get back data with
+camelCase keys in the response body. If the header is not provided then the
+server will expect snake_case keys in the request body and output snake_case in
+the response.
 
 ## How to Contribute
 
 There are many ways to contribute to this project:
 
 **Bugs**
 
-If you spot a bug, let us know! File a GitHub Issue for this project. When filing an issue add the following:
+If you spot a bug, let us know! File a GitHub Issue for this project. When
+filing an issue add the following:
 
 - Title: Sentence that summarizes the bug concisely
 - Comment:
-    - The environment you experienced the bug (browser, browser version, kind of account any extensions enabled)
+    - The environment you experienced the bug (browser, browser version, kind of
+      account any extensions enabled)
     - The exact steps you took that triggered the bug. Steps 1, 2, 3, etc.
     - The expected outcome
     - The actual outcome (include screen shot or error logs)
@@ -115,9 +153,14 @@ For security related bugs unfit for public viewing, email us feedback@va.gov
 
 **Code Submissions**
 
-This project logs all work needed and work being actively worked on via GitHub Issues. Submissions related to these are especially appreciated, but patches and additions outside of these are also great.
+This project logs all work needed and work being actively worked on via GitHub
+Issues. Submissions related to these are especially appreciated, but patches and
+additions outside of these are also great.
 
-If you are working on something related to an existing GitHub Issue that already has an assignee, talk with them first (we don't want to waste your time). If there is no assignee, assign yourself (if you have permissions) or post a comment stating that you're working on it.
+If you are working on something related to an existing GitHub Issue that already
+has an assignee, talk with them first (we don't want to waste your time). If
+there is no assignee, assign yourself (if you have permissions) or post a
+comment stating that you're working on it.
 
 To work on your code submission, follow [GitHub Flow](https://guides.github.com/introduction/flow/):
 
@@ -127,8 +170,12 @@ To work on your code submission, follow [GitHub Flow](https://guides.github.com/
 1. Discuss via Pull Request
 1. Pull Request gets approved or denied by core team member
 
-If you're from the community, it may take one to two weeks to review your pull request. Teams work in one to two week sprints, so they need time to need add it to their time line.
+If you're from the community, it may take one to two weeks to review your pull
+request. Teams work in one to two week sprints, so they need time to need add it
+to their time line.
 
 ## Contact
 
-If you have a question or comment about this project, file a GitHub Issue with your question in the Title, any context in the Comment, and add the `question` Label.
+If you have a question or comment about this project, file a GitHub Issue with
+your question in the Title, any context in the Comment, and add the `question`
+Label.

app/controllers/v0/sessions_controller.rb

@@ -34,13 +34,13 @@ def saml_callback
 
       if @saml_response.is_valid? && persist_session_and_user
         async_create_evss_account(@current_user)
-        redirect_to SAML_CONFIG['relay'] + '?token=' + @session.token
+        redirect_to Settings.saml.relay + '?token=' + @session.token
 
         obscure_token = Session.obscure_token(@session.token)
         Rails.logger.info("Logged in user with id #{@session.uuid}, token #{obscure_token}")
       else
         handle_login_error
-        redirect_to SAML_CONFIG['relay'] + '?auth=fail'
+        redirect_to Settings.saml.relay + '?auth=fail'
       end
     end
 
@@ -82,12 +82,12 @@ def handle_completed_slo
       if errors.size.positive?
         extra_context = { in_response_to: logout_response&.in_response_to }
         log_to_sentry("SAML Logout failed!\n  " + errors.join("\n  "), :error, extra_context)
-        redirect_to SAML_CONFIG['logout_relay'] + '?success=false'
+        redirect_to Settings.saml.logout_relay + '?success=false'
       else
         logout_request.destroy
         session.destroy
         user.destroy
-        redirect_to SAML_CONFIG['logout_relay'] + '?success=true'
+        redirect_to Settings.saml.logout_relay + '?success=true'
         # even if mhv logout raises exception, still consider logout successful from browser POV
         MHVLoggingService.logout(user)
       end
@@ -112,7 +112,7 @@ def log_to_sentry(message, level, context = {})
     end
 
     def saml_options
-      ENV['REVIEW_INSTANCE_SLUG'].blank? ? {} : { RelayState: ENV['REVIEW_INSTANCE_SLUG'] }
+      Settings.review_instance_slug.blank? ? {} : { RelayState: Settings.review_instance_slug }
     end
   end
 end

app/mailers/year_to_date_report_mailer.rb

@@ -45,14 +45,14 @@ def build(report_file)
   private
 
   def s3_bucket
-    ENV['REPORTS_AWS_S3_BUCKET']
+    Settings.reports.aws.bucket
   end
 
   def new_s3_resource
     Aws::S3::Resource.new(
-      region: ENV['REPORTS_AWS_S3_REGION'],
-      access_key_id: ENV['REPORTS_AWS_ACCESS_KEY_ID'],
-      secret_access_key: ENV['REPORTS_AWS_SECRET_ACCESS_KEY']
+      region: Settings.reports.aws.region,
+      access_key_id: Settings.reports.aws.access_key_id,
+      secret_access_key: Settings.reports.aws.secret_access_key
     )
   end
 end

app/models/education_benefits_claim.rb

@@ -14,7 +14,7 @@ class EducationBenefitsClaim < ActiveRecord::Base
 
   has_one(:education_benefits_submission, inverse_of: :education_benefits_claim)
 
-  attr_encrypted(:form, key: ENV['DB_ENCRYPTION_KEY'])
+  attr_encrypted(:form, key: Settings.db_encryption_key)
 
   # initially only completed claims are allowed, later we can allow claims that dont have a submitted_at yet
   before_validation(:set_submitted_at, on: :create)