@financial-times/rel-engage
Standardised tools for the reliability engineering team
Last updated 12 days ago by the-ft .
ISC · Repository · Bugs · Original npm · Tarball · package.json
$ cnpm install @financial-times/rel-engage 
SYNC missed versions from official npm registry.

rel-engage

Standardised tools for the reliability engineering team. Name likely to change

This is very much a work in progress and breaking changes should be expected. Adopt with care.

A few ideas for what could go in here

  • [x] a very basic, self-installing makefile (like n-gage, but with less stuff)
  • [x] installs linting configs and runtimes ✓
  • [ ] custom linting for things we care about e.g. may want to enforce consistent patterns in serverless.yaml
  • [ ] do-exclusively.sh
  • [ ] example circle, serverless & terraform configs (maybe extending to scaffolding tools to generate ones for new projects)
  • [ ] some kind of test harnessing
  • [ ] integration with vault
  • [x] secret squirrel
  • [ ] v2 of secret squirrel - lots of issues created on the original
  • [ ] shared cert generator
  • [ ] code coverage

Installation

npx @financial-times/rel-engage

This will install rel-engage in your repository, as well as running make install to generate a Makefile and several config files. These should be comitted - the config files are references to more flexible config found in this package, and shouldn't need direct modification in future, so are safe to commit.

Usage

The installation step will install a base Makefile to the repository.

This give access to a number of commands.

To view the available commands, and usage instructions, run

make help

Configuration

Bootstrapping with rel-engage adds a selection of configuration files to your repository:

  • editorconfig (.editorconfig) - editor setting configuration
  • eslint (.eslintrc.js, .eslintignore) - javascript linter
  • husky (.huskyrc.js) - git hook configuration
  • lint-staged (.lintstagedrc.js) - commands to run on staged files, defined per file extension
  • prettier (.prettierrc.js, .prettierignore) - javascript code formatter

These configs link to shared configurations, and do not contain any rules themselves. They should rarely need to be overriden. Some configs allow specific flags to override configuration, see below.

In the case where you do wish to override them, and there are no specific flags in rel-engage to do so, it's possible to directly modify the configuration, either by using the built in support for the tool (e.g eslint supports extends), or by manually extending the javascript object the configuration imports.

Eslint

Eslint can be configured by adding properties to package.json:

{
    "rel-engage": {


        "eslint": {
            "esModules": true // Enable Ecmascript Modules syntax (impliedStrict, import/export),
            "prettier": false // Enable prettier formatting via eslint
        }
    }
}

Vault

Our secrets are stored in vault and can be retrieved and stored in a .env file by means of a shell script, or some make helper tasks which wrap it.

Authenticating

Locally, ensure the vault-cli is installed and configured correctly, and that you are in the reliability-engineering github team. In CI, vault credentials are required. These are available by running a job with the rel-eng-creds context.

Script

The script is located at ./node-modules/@financial-times/rel-engage/packages/vault/get-env.js and expects to be passed a list of folders in vault (with .../reliability-engineering/ stripped from the path). When a variable exists in more than one folder retrieved by the script, the first one found will take precedence. e.g.

node ./node-modules/@financial-times/rel-engage/packages/vault/get-env.js biz-ops-api/dev biz-ops-api/test PRODUCTS/biz-ops/test

will override any test environment variables for the biz-ops product with those for the biz-ops-api project, and in turn they will get overridden by any dev variables.

Make tasks

In general, our projects are stored in vault under the following file structure:

/project-name (i.e. repository name)
  |_prod
  |_test
/PRODUCTS
  |_product-name
    |_prod
    |_test
/PLATFORMS
  |_platform-name
    |_prod
    |_test

If you set the following variables in make

PROJECT_NAME=your-project-name
PRODUCT_NAME=your-product-name
PLATFORM_NAME=your-platform-name

then make test-env and make prod-env will retrieve test and prod credentials respectively. make .env/make env is aliased to make test-env. For projects where something else is required, both aliases can be overridden with

env:
    node ./node-modules/@financial-times/rel-engage/packages/vault/get-env.js your custom vault directories

Snyk

Snyk is used to scan dependencies for security vulnerabilities when running make verify on CI.

When running locally, the user should run: make security-login to login to Snyk for subsequent calls.

The make security command then replicates the checks ran on CI so failures can be actioned.

The make security-monitor command publishes a snapshot of the current dependencies to snyk to be monitored for new vulnerabilities. This should be ran after a deployment.

The environment variable SNYK_TOKEN should be available on CI, as the login web flow is not suitable for the CI environment. Jobs using the rel-eng-creds context should have access to the key.

For Snyk configuration help (including .snyk configuration files), see the Snyk documentation.

Current Tags

  • 7.4.3                                ...           latest (12 days ago)

67 Versions

  • 7.4.3                                ...           12 days ago
  • 7.4.2                                ...           12 days ago
  • 7.4.1                                ...           12 days ago
  • 7.4.0                                ...           19 days ago
  • 7.3.3                                ...           3 months ago
  • 7.3.2                                ...           4 months ago
  • 7.3.2-beta.1                                ...           4 months ago
  • 7.3.1                                ...           5 months ago
  • 7.3.0                                ...           6 months ago
  • 7.3.0-beta.2                                ...           6 months ago
  • 7.3.0-beta.1                                ...           6 months ago
  • 7.2.2                                ...           7 months ago
  • 7.2.1                                ...           7 months ago
  • 7.2.0                                ...           7 months ago
  • 7.1.4                                ...           8 months ago
  • 7.1.3                                ...           9 months ago
  • 7.1.2                                ...           a year ago
  • 7.1.1                                ...           a year ago
  • 7.1.0                                ...           a year ago
  • 7.0.2                                ...           a year ago
  • 7.0.1                                ...           a year ago
  • 7.0.0                                ...           a year ago
  • 6.0.1                                ...           a year ago
  • 6.0.0                                ...           a year ago
  • 5.0.3                                ...           a year ago
  • 5.0.2                                ...           a year ago
  • 5.0.1                                ...           a year ago
  • 5.0.0                                ...           a year ago
  • 5.1.0-beta.13                                ...           a year ago
  • 5.1.0-beta.12                                ...           a year ago
  • 5.1.0-beta.10                                ...           a year ago
  • 5.1.0-beta.9                                ...           a year ago
  • 5.1.0-beta.7                                ...           a year ago
  • 5.1.0-beta.6                                ...           a year ago
  • 5.1.0-beta.5                                ...           a year ago
  • 5.1.0-beta.3                                ...           a year ago
  • 5.1.0-beta.2                                ...           a year ago
  • 5.1.0-beta.1                                ...           a year ago
  • 0.0.0                                ...           a year ago
  • 4.1.2                                ...           a year ago
  • 4.1.1                                ...           a year ago
  • 4.1.0                                ...           a year ago
  • 4.0.1                                ...           a year ago
  • 4.0.0                                ...           a year ago
  • 3.1.1                                ...           2 years ago
  • 3.1.0                                ...           2 years ago
  • 3.0.0                                ...           2 years ago
  • 2.1.3                                ...           2 years ago
  • 2.1.2                                ...           2 years ago
  • 2.1.1                                ...           2 years ago
  • 2.1.0                                ...           2 years ago
  • 2.0.3                                ...           2 years ago
  • 2.0.2                                ...           2 years ago
  • 2.0.1                                ...           2 years ago
  • 2.0.0                                ...           2 years ago
  • 1.2.0                                ...           2 years ago
  • 1.1.0                                ...           2 years ago
  • 1.0.14                                ...           2 years ago
  • 1.0.13                                ...           2 years ago
  • 1.0.12                                ...           2 years ago
  • 1.0.11                                ...           2 years ago
  • 1.0.9                                ...           2 years ago
  • 1.0.8                                ...           2 years ago
  • 1.0.7                                ...           2 years ago
  • 1.0.6                                ...           2 years ago
  • 1.0.5                                ...           2 years ago
  • 1.0.2                                ...           2 years ago

Copyright 2014 - 2016 © taobao.org |