Merge branch 'develop' of github.com:forza-mor-rotterdam/mbc into dja…

…ngo-4.2 # Conflicts: # app/Dockerfile # app/requirements.txt
forza-mor-rotterdam · Sep 24, 2024 · 3134f4f · 3134f4f
2 parents 0541488 + 0595103
commit 3134f4f
Show file tree

Hide file tree

Showing 11 changed files with 85 additions and 135 deletions.
diff --git a/.github/workflows/ci-cd.yaml b/.github/workflows/ci-cd.yaml
@@ -73,6 +73,15 @@ jobs:
             type=raw,develop
             type=raw,test
 
+      - name: Extract metadata (tags, labels) for Docker nginx
+        id: meta_nginx
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-nginx
+          tags: |
+            type=raw,develop
+            type=raw,test
+
       - name: Build and push app Docker image
         uses: docker/build-push-action@v3
         with:
@@ -84,6 +93,14 @@ jobs:
             GIT_SHA=${{ github.sha }}
             DEPLOY_DATE=${{ steps.get_date.outputs.DATE }}
 
+      - name: Build and push nginx Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: "{{defaultContext}}:nginx"
+          push: true
+          tags: ${{ steps.meta_nginx.outputs.tags }}
+          labels: ${{ steps.meta_nginx.outputs.labels }}
+
   deploy-acc:
     name: Acceptance release
     if: github.ref == 'refs/heads/develop'

diff --git a/.github/workflows/deploy-prd.yaml b/.github/workflows/deploy-prd.yaml
@@ -36,6 +36,12 @@ jobs:
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-app
 
+      - name: Extract metadata (tags, labels) for Docker nginx
+        id: meta_nginx
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-nginx
+
       - name: Build and push app Docker image
         uses: docker/build-push-action@v3
         with:
@@ -46,6 +52,14 @@ jobs:
           build-args: |
             GIT_SHA=${{ github.sha }}
 
+      - name: Build and push nginx Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: "{{defaultContext}}:nginx"
+          push: true
+          tags: ${{ steps.meta_nginx.outputs.tags }}
+          labels: ${{ steps.meta_nginx.outputs.labels }}
+
       - name: Start rollout on k8s platform
         uses: actions-hub/kubectl@master
         env:

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,13 +1,13 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v4.6.0
     hooks:
       - id: check-yaml
       - id: end-of-file-fixer
       - id: trailing-whitespace
       - id: detect-private-key
-  - repo: https://github.com/humitos/mirrors-autoflake.git
-    rev: v1.1
+  - repo: https://github.com/PyCQA/autoflake
+    rev: v2.3.1
     hooks:
       - id: autoflake
         args:
@@ -26,11 +26,11 @@ repos:
       - id: black
         language_version: python3
   - repo: https://github.com/pycqa/flake8
-    rev: "6.1.0"
+    rev: "7.1.0"
     hooks:
       - id: flake8
   - repo: https://github.com/pre-commit/mirrors-prettier
-    rev: "v3.0.3"
+    rev: "v4.0.0-alpha.8"
     hooks:
       - id: prettier
         additional_dependencies:
@@ -41,9 +41,9 @@ repos:
     hooks:
       - id: djlint-reformat-django
       - id: djlint-django
-        args: ["--ignore", "H006,H013,H023"]
+        args: ["--ignore", "H006,H008,H013,H021,H023,D004,D018"]
   - repo: https://github.com/pre-commit/mirrors-eslint
-    rev: 'v8.56.0'
+    rev: 'v9.8.0'
     hooks:
     -   id: eslint
         additional_dependencies:

diff --git a/app/apps/authenticatie/views.py b/app/apps/authenticatie/views.py
diff --git a/app/apps/main/templates/email/email_melding_aanmaken.html b/app/apps/main/templates/email/email_melding_aanmaken.html
diff --git a/app/apps/services/basis.py b/app/apps/services/basis.py
@@ -2,6 +2,7 @@
 from urllib.parse import urlencode
 
 import requests
+import urllib3
 from django.core.cache import cache
 from requests import Request, Response
 
@@ -29,7 +30,9 @@ def get_url(self, url):
         return url
 
     def get_headers(self):
-        return {}
+        return {
+            "user-agent": urllib3.util.SKIP_HEADER,
+        }
 
     def naar_json(self, response):
         try:

diff --git a/app/apps/services/meldingen.py b/app/apps/services/meldingen.py
@@ -1,6 +1,7 @@
 from urllib.parse import urlparse
 
 import requests
+import urllib3
 from django.conf import settings
 from django.core.cache import cache
 from django.core.exceptions import ValidationError
@@ -77,6 +78,9 @@ def haal_token(self):
                     "username": email,
                     "password": settings.MELDINGEN_PASSWORD,
                 },
+                headers={
+                    "user-agent": urllib3.util.SKIP_HEADER,
+                },
             )
             if token_response.status_code == 200:
                 meldingen_token = token_response.json().get("token")
@@ -91,7 +95,10 @@ def haal_token(self):
         return meldingen_token
 
     def get_headers(self):
-        headers = {"Authorization": f"Token {self.haal_token()}"}
+        headers = {
+            "user-agent": urllib3.util.SKIP_HEADER,
+            "Authorization": f"Token {self.haal_token()}",
+        }
         return headers
 
     def do_request(self, url, method="get", data={}, raw_response=True, stream=False):

diff --git a/app/config/settings.py b/app/config/settings.py
@@ -5,6 +5,7 @@
 from os.path import join
 
 import requests
+import urllib3
 
 locale.setlocale(locale.LC_ALL, "nl_NL.UTF-8")
 logger = logging.getLogger(__name__)
@@ -195,8 +196,8 @@
 CSRF_COOKIE_HTTPONLY = True
 SESSION_COOKIE_SECURE = not DEBUG
 CSRF_COOKIE_SECURE = not DEBUG
-SESSION_COOKIE_NAME = "__Secure-sessionid" if not DEBUG else "sessionid"
-CSRF_COOKIE_NAME = "__Secure-csrftoken" if not DEBUG else "csrftoken"
+SESSION_COOKIE_NAME = "__Host-sessionid" if not DEBUG else "sessionid"
+CSRF_COOKIE_NAME = "__Host-csrftoken" if not DEBUG else "csrftoken"
 SESSION_COOKIE_SAMESITE = "Lax"  # Strict does not work well together with OIDC
 CSRF_COOKIE_SAMESITE = "Lax"  # Strict does not work well together with OIDC
 
@@ -373,7 +374,12 @@
 )
 OPENID_CONFIG = {}
 try:
-    OPENID_CONFIG = requests.get(OPENID_CONFIG_URI).json()
+    OPENID_CONFIG = requests.get(
+        OPENID_CONFIG_URI,
+        headers={
+            "user-agent": urllib3.util.SKIP_HEADER,
+        },
+    ).json()
 except Exception as e:
     logger.error(f"OPENID_CONFIG FOUT, url: {OPENID_CONFIG_URI}, error: {e}")
 
@@ -412,7 +418,6 @@
         "apps.authenticatie.auth.OIDCAuthenticationBackend",
     ]
 
-    OIDC_OP_LOGOUT_URL_METHOD = "apps.authentication.views.provider_logout"
     ALLOW_LOGOUT_GET_METHOD = True
     OIDC_STORE_ID_TOKEN = True
     OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS = int(

diff --git a/app/config/webpack.py b/app/config/webpack.py
diff --git a/nginx/nginx-default.conf b/nginx/nginx-default.conf
@@ -14,14 +14,19 @@ server {
 
     location / {
         proxy_pass http://localhost:8000;
+        expires 0;
+        add_header Cache-Control "no-cache, no-store";
+        add_header Pragma no-cache;
     }
 
     location /media-protected {
         internal;
         alias /media/;
         access_log off;
-        expires 30d;
         add_header Vary Accept-Encoding;
+        expires 0;
+        add_header Cache-Control "no-cache, no-store";
+        add_header Pragma no-cache;
     }
 
     location /static {

diff --git a/nginx/nginx-default.development.conf b/nginx/nginx-default.development.conf
@@ -14,14 +14,19 @@ server {
 
     location / {
         proxy_pass http://mbc_app:8000;
+        expires 0;
+        add_header Cache-Control "no-cache, no-store";
+        add_header Pragma no-cache;
     }
 
     location /media-protected {
         internal;
         alias /media/;
         access_log off;
-        expires 30d;
         add_header Vary Accept-Encoding;
+        expires 0;
+        add_header Cache-Control "no-cache, no-store";
+        add_header Pragma no-cache;
     }
 
     location /static {