Vellere approximately (in my rather bad Latin), means "they demolish". Specifically, it tells you about a particular category of demolition: Github vulnerability notifications. They are already visible via the Github Web UI, but only to admins, and only to those who both digging through the notifications. Vellere provides a slightly more usable interface, as well as the option for notifying users in Slack, thus encouraging people to maybe actually fix things....
Online version is at https://vellere.tevp.net/
- Install Python
- (Possibly also make a Virtualenv)
- Create a Github OAuth app and export the client id/secret as environment variables called
GITHUB_CLIENT_ID
andGITHUB_CLIENT_SECRET
- Create a Slack App and export the client id/secret as environment variables called
SLACK_CLIENT_ID
andSLACK_CLIENT_SECRET
pip install -r requirements.txt
- Optional: Setup a database (e.g. Postgres) and export the URL to the database as
DATABASE_URL
using the dj-database-url URL schema. If you don't do this, we'll use sqlite by default, which works fine for local dev. - Optional: Export
OAUTHLIB_INSECURE_TRANSPORT=1
for local dev without HTTPS python manage.py migrate
python manage.py runserver
Wharf install
- Create a new app called Vellere.
- Set
GITHUB_URL
tohttps://github.com/palfrey/vellere.git
- Create a Postgres database
- Set the Slack/Github environment variables as per local install
- Deploy the app
- Configure a usable hostname and enable Let's Encrypt (as OAuth gets unhappy without HTTPS)