This is the project repo for the WIC Montana Demonstration Project. It describes the overall shape of this project and technical documentation that applies to all parts of the project. In addition, it describes how to run the various components of this project. Technical documentation for each component are contained in their respective repos:
- the eligibility screener app repo: contains all project files related to the eligibility screener Next.js application
- the mock API app repo: contains all project files related to the mock API wrapper for Montana's SPIRIT MIS software
For this project, we have dockerized each component and use docker-compose
.
For CI, we are using Github Actions. In each repo, the primary branch is main
and we have configured it as a protected branch. To merge to main
, a Pull Request must be made, status checks must pass, and the branch must be up to date.
For our project work, each PR is required to have at least one code review and approval. This is enforced in Github in this project repo.
We have enabled the following status checks in each app repo:
- typechecking
- linting
- testing
- security scanning
The eligibility screener repo also includes accessibility scanning with jest-axe.
We have enabled Dependabot and CodeQL security and dependency scanning in Github.
Each application uses GitHub Actions for continous deployment. The workflows in this repo are responsible for keeping resources managed by Terraform in this repository (e.g. ECS tasks) up-to-date and making sure that the Terraform code is linted. These actions run every time a new commit contains changes to a file with the .tf
extension.
We are using Terraform to manage our infrastructure as code.
We are hosting our environments and networking resources in AWS.
Environments
There is a test
environment enabled for both the eligibility screener and the mock api. Each
application has a main.tf
which serves as a template for creating the relevant resources required
for hosting the application in different environments. (e.g. ECS tasks, security groups)
Secrets
Secrets are managed in AWS Parameter Store. Variables should be referenced using Terraform's
aws_ssm_parameter
data resources.
Application environment variables
- Many of the resources in each application (e.g. cluster names, load balancers) are prefixed with the name of the environment.
Logging, Monitoring, and Alerting Basic Cloudwatch monitoring has been enabled in this repository. The resources that have monitoring enabled are ECS tasks, RDS and container insights.
ECS tasks: This logging group contains varying information about the ECS tasks themselves. Application errors are typically caught here.
screener
: contains logs generated by the eligibility screener containermock-api
: contains logs generated by the mock api container and the csv-handler task, a JSON containing the response from the /healthcheck endpoint
RDS: This logging group contains information about RDS events. Examples include: creating checkpoints and how long that process took to complete.
Container insights: This logging group contains metrics about Fargate tasks such as CPU and reserved memory
To run the eligibility screener and the Mock API in development mode locally:
- Navigate to the root directory of this repo
- Clone the eligibility screener repo:
git clone git@github.com:navapbc/wic-mt-demo-project-eligibility-screener.git eligibility-screener
- Clone the mock API repo:
git clone git@github.com:navapbc/wic-mt-demo-project-mock-api.git mock-api
- Build the docker images and start the containers (it will start 3 containers: mock api, eligibility screener, postgresql):
docker-compose up -d --build
- If this is the first time you are running the mock API, then it will crash because the database migrations haven't been run yet. Run them and then restart the container:
docker-compose run --rm mock-api poetry run db-migrate-up && docker-compose up -d
- Run storybook:
docker-compose exec eligibility-screener yarn storybook
Now you can navigate to:
localhost:3000
to access the eligibility screenerlocalhost:8080/v1/docs
to access the swagger docslocalhost:6006
to access storybook