Merge 75d7d88 into 094cf83

.buildpacks

@@ -1 +1,2 @@
+https://github.com/18F/cf-env-parser-buildpack.git
 https://github.com/cloudfoundry/ruby-buildpack.git

.env.example

@@ -1,10 +1,10 @@
 ROOT_URL="http://localhost:3000"
-MPT_3500_GITHUB_KEY="your-client-id"
-MPT_3500_GITHUB_SECRET="your-client-secret"
-SMTP_PASSWORD='your-mandrill-api-key'
-SMTP_USERNAME='your-mandrill-email'
-DEFAULT_URL_HOST='localhost:3000'
-DEFAULT_EMAIL_FROM='info@micropurchase.18f.gov',
-C2_HOST="https://c2-dev.18f.gov"
-C2_OAUTH_KEY=""
-C2_OAUTH_SECRET=""
+MICROPURCHASE_GITHUB_CLIENT_ID="your-client-id"
+MICROPURCHASE_GITHUB_SECRET="your-client-secret"
+MICROPURCHASE_SMTP_SMTP_PASSWORD='your-mandrill-api-key'
+MICROPURCHASE_SMTP_SMTP_USERNAME='your-mandrill-email'
+MICROPURCHASE_SMTP_DEFAULT_URL_HOST='localhost:3000'
+MICROPURCHASE_SMTP_DEFAULT_EMAIL_FROM='info@micropurchase.18f.gov'
+MICROPURCHASE_C2_HOST='https://c2-dev.18f.gov'
+MICROPURCHASE_C2_OAUTH_KEY=''
+MICROPURCHASE_C2_OAUTH_SECRET=''

.env.test

@@ -1,5 +1,6 @@
-DEFAULT_EMAIL_FROM=info@example.com
+MICROPURCHASE_SMTP_DEFAULT_EMAIL_FROM=info@example.com
 DATA_DOT_GOV_API_KEY=test_api_key
-C2_HOST=https://c2-dev.18f.gov
-C2_OAUTH_KEY=""
-C2_OAUTH_SECRET=""
+MICROPURCHASE_C2_HOST=https://c2-dev.18f.gov
+MICROPURCHASE_C2_OAUTH_KEY=""
+MICROPURCHASE_C2_OAUTH_SECRET=""
+MICROPURCHASE_SMTP_DEFAULT_FROM=example.com

Gemfile

@@ -29,6 +29,9 @@ gem 'c2', github: '18f/c2-api-client-ruby'
 group :test do
   gem "codeclimate-test-reporter", require: nil
   gem 'codeclimate_batch', require: nil
+  gem 'dotenv'
+  gem 'webmock'
+  gem 'json-schema'
   gem 'db-query-matchers'
   gem 'json-schema'
   gem 'shoulda-matchers'

Gemfile.lock

@@ -413,6 +413,7 @@ DEPENDENCIES
   database_cleaner
   db-query-matchers
   delayed_job_active_record
+  dotenv
   dotenv-rails
   email_validator
   factory_girl_rails

app/credentials/data_dot_gov_credentials.rb

@@ -1,13 +1,5 @@
-require "concerns/user_provided_service"
-
 class DataDotGovCredentials
-  extend UserProvidedService
-
-  def self.api_key(force_vcap: false)
-    if use_env_var?(force_vcap)
-      ENV['DATA_DOT_GOV_API_KEY']
-    else
-      credentials('data-dot-gov')['api_key']
-    end
+  def self.api_key
+    ENV["DATA_DOT_GOV_API_KEY"]
   end
 end

app/credentials/github_credentials.rb

@@ -1,21 +1,9 @@
-require "concerns/user_provided_service"
-
 class GithubCredentials
-  extend UserProvidedService
-
-  def self.client_id(force_vcap: false)
-    if use_env_var?(force_vcap)
-      ENV['MPT_3500_GITHUB_KEY']
-    else
-      credentials('micropurchase-github')['client_id']
-    end
+  def self.client_id
+    ENV["MICROPURCHASE_GITHUB_CLIENT_ID"]
   end
 
-  def self.secret(force_vcap: false)
-    if use_env_var?(force_vcap)
-      ENV['MPT_3500_GITHUB_SECRET']
-    else
-      credentials('micropurchase-github')['secret']
-    end
+  def self.secret
+    ENV["MICROPURCHASE_GITHUB_SECRET"]
   end
 end

app/credentials/smtp_credentials.rb

@@ -1,33 +1,17 @@
-require "concerns/user_provided_service"
-
 class SMTPCredentials
-  extend UserProvidedService
-
-  def self.smtp_password(force_vcap: false)
-    if use_env_var?(force_vcap)
-      ENV['SMTP_PASSWORD']
-    else
-      credentials('micropurchase-smtp')['smtp_password']
-    end
+  def self.smtp_password
+    ENV["MICROPURCHASE_SMTP_SMTP_PASSWORD"]
   end
 
-  def self.smtp_username(force_vcap: false)
-    if use_env_var?(force_vcap)
-      ENV['SMTP_USERNAME']
-    else
-      credentials('micropurchase-smtp')['smtp_username']
-    end
+  def self.smtp_username
+    ENV["MICROPURCHASE_SMTP_SMTP_USERNAME"]
   end
 
-  def self.default_url_host(force_vcap: false)
-    if use_env_var?(force_vcap)
-      ENV['DEFAULT_URL_HOST']
-    else
-      credentials('micropurchase-smtp')['default_url_host']
-    end
+  def self.default_url_host
+    ENV["MICROPURCHASE_SMTP_DEFAULT_URL_HOST"]
   end
 
   def self.default_from
-    credentials('micropurchase-smtp')['default_from']
+    ENV["MICROPURCHASE_SMTP_DEFAULT_FROM"]
   end
 end

app/services/create_cap_proposal.rb

@@ -23,10 +23,10 @@ def add_cap_proposal_url_to_auction!(cap_proposal_url)
   end
 
   def configure_c2_client
-    @host = ENV.fetch('C2_HOST', 'https://cap.18f.gov')
+    @host = ENV.fetch('C2_HOST', 'https://c2-dev.18f.gov')
     @c2_client = C2::Client.new(
-      oauth_key: ENV.fetch('C2_OAUTH_KEY'),
-      oauth_secret: ENV.fetch('C2_OAUTH_SECRET'),
+      oauth_key: ENV.fetch('MICROPURCHASE_C2_OAUTH_KEY'),
+      oauth_secret: ENV.fetch('MICROPURCHASE_C2_OAUTH_SECRET'),
       host: @host,
       debug: ENV.fetch('C2_DEBUG', false)
     )

docs/deployment.md

@@ -24,9 +24,15 @@ $ cf push
 ### Setting environment variables on staging or production
 
 Cloud.gov allows you to set environment variables manually, but they are wiped
-out on each deploy. To get around this issue, we are setting environment
-variables via `Credentials` classes locally and having those classes access
-attributes stored in user-provided services on Cloud.gov.
+out by a zero-downtime deploy. To get around this issue, we are accessing
+environment variables via `Credentials` classes locally.
+
+The classes pick up environment variables set in the shell by the `cf-env-parser`
+buildpack; more information about how it works can be found in
+[that project's repo](https://github.com/18f/cf-env-parser-buildpack).
+
+If you're not using Cloud Foundry to deploy, just set the environment variables
+directly in your system.
 
 Steps to set new environment variables:
 
@@ -36,22 +42,13 @@ Steps to set new environment variables:
   # app/credentials/github_credentials.rb
 
   class GithubCredentials
-    extend UserProvidedService
-
-    def self.client_id(force_vcap: false)
-      if use_env_var?(force_vcap)
-        ENV['MPT_3500_GITHUB_KEY']
-      else
-        credentials('micropurchase-github')['client_id']
-      end
+
+    def self.client_id
+      ENV['MICROPURCHASE_GITHUB_CLIENT_ID']
     end
 
-    def self.secret(force_vcap: false)
-      if use_env_var?(force_vcap)
-        ENV['MPT_3500_GITHUB_SECRET']
-      else
-        credentials('micropurchase-github')['secret']
-      end
+    def self.secret
+      ENV['MICROPURCHASE_GITHUB_SECRET']
     end
   end
   ```
@@ -74,8 +71,8 @@ Steps to set new environment variables:
   ```
   # .env
 
-  MPT_3500_GITHUB_KEY=super_secret_key
-  MPT_3500_GITHUB_SECRET=super_secret_secret
+  MICROPURCHASE_GITHUB_CLIENT_ID=super_secret_key
+  MICROPURCHASE_GITHUB_SECRET=super_secret_secret
   ```
 
 1. Create a [user-provided service](https://docs.cloudfoundry.org/devguide/services/user-provided.html):
@@ -128,7 +125,7 @@ $ cf create-service rds shared-psql micropurchase-psql
 Set up the database:
 
 ```
-$ cf-ssh
+$ cf-ssh -f manifest.yml
 $~ bundle exec rake db:migrate
 $~ bundle exec rake db:seed
 ```

docs/local_development.md

@@ -34,8 +34,8 @@ Secret. Put the values in the `.env` file at the root of the application.
 ```
 # .env
 
-MPT_3500_GITHUB_KEY="your-client-id"
-MPT_3500_GITHUB_SECRET="your-client-secret"
+MICROPURCHASE_GITHUB_CLIENT_ID="your-client-id"
+MICROPURCHASE_GITHUB_SECRET="your-client-secret"
 ```
 
 Make sure to restart the server to register those environment variables.
@@ -44,7 +44,8 @@ Make sure to restart the server to register those environment variables.
 
 We are using [Mandrill](https://mandrillapp.com/) to send transactional emails.
 To set up email sending in a production environment, you will need to set the
-`SMTP_PASSWORD` and `SMTP_USERNAME` environment variables.
+`MICROPURCHASE_SMTP_SMTP_PASSWORD` and `MICROPURCHASE_SMTP_SMTP_USERNAME`
+environment variables.
 
 In the development environment, we are using
 [Letter Opener](https://github.com/ryanb/letter_opener). Letter Opener lets you

manifest-staging.yml

@@ -12,3 +12,6 @@ applications:
     - micropurchase-smtp
     - data-dot-gov
   command: script/start
+  env:
+    RAILS_ENV: staging
+    RACK_ENV: staging

manifest.yml

@@ -12,3 +12,6 @@ applications:
     - micropurchase-smtp
     - data-dot-gov
   command: script/start
+  env:
+    RAILS_ENV: production
+    RACK_ENV: production

spec/credentials/data_dot_gov_credentials_spec.rb

@@ -6,19 +6,9 @@
       env_var_api_key = "super secret api key"
       ENV['DATA_DOT_GOV_API_KEY'] = env_var_api_key
 
-      api_key = DataDotGovCredentials.api_key(force_vcap: false)
+      api_key = DataDotGovCredentials.api_key
 
       expect(api_key).to eq env_var_api_key
     end
   end
-
-  context "parsing user provided service" do
-    it "returns correct value" do
-      fixture_api_key = "fakeapikey"
-
-      api_key = DataDotGovCredentials.api_key(force_vcap: true)
-
-      expect(api_key).to eq fixture_api_key
-    end
-  end
 end

spec/credentials/github_credentials_spec.rb

@@ -5,27 +5,14 @@
     it "returns correct value" do
       env_var_client_id = "super secret key"
       env_var_secret = "super secret secret"
-      ENV['MPT_3500_GITHUB_KEY'] = env_var_client_id
-      ENV['MPT_3500_GITHUB_SECRET'] = env_var_secret
+      ENV['MICROPURCHASE_GITHUB_CLIENT_ID'] = env_var_client_id
+      ENV['MICROPURCHASE_GITHUB_SECRET'] = env_var_secret
 
-      client_id = GithubCredentials.client_id(force_vcap: false)
-      secret = GithubCredentials.secret(force_vcap: false)
+      client_id = GithubCredentials.client_id
+      secret = GithubCredentials.secret
 
       expect(client_id).to eq env_var_client_id
       expect(secret).to eq env_var_secret
     end
   end
-
-  context "parsing user provided service" do
-    it "returns correct value" do
-      fixture_key = "fakeclientid"
-      fixture_secret = "fakesecret"
-
-      client_id = GithubCredentials.client_id(force_vcap: true)
-      secret = GithubCredentials.secret(force_vcap: true)
-
-      expect(client_id).to eq fixture_key
-      expect(secret).to eq fixture_secret
-    end
-  end
 end

spec/credentials/smtp_credentials_spec.rb

@@ -6,36 +6,22 @@
       env_var_smtp_password = 'fake smtp password'
       env_var_smtp_username = 'fake smtp username'
       env_var_default_url_host = 'fake url host'
-      allow(ENV).to receive(:[]).with('SMTP_PASSWORD').and_return(env_var_smtp_password)
-      allow(ENV).to receive(:[]).with('SMTP_USERNAME').and_return(env_var_smtp_username)
-      allow(ENV).to receive(:[]).with('DEFAULT_URL_HOST').and_return(env_var_default_url_host)
+      env_var_default_from = 'fake@fakeurl.fake'
+
+      allow(ENV).to receive(:[]).with('MICROPURCHASE_SMTP_SMTP_PASSWORD').and_return(env_var_smtp_password)
+      allow(ENV).to receive(:[]).with('MICROPURCHASE_SMTP_SMTP_USERNAME').and_return(env_var_smtp_username)
+      allow(ENV).to receive(:[]).with('MICROPURCHASE_SMTP_DEFAULT_URL_HOST').and_return(env_var_default_url_host)
+      allow(ENV).to receive(:[]).with('MICROPURCHASE_SMTP_DEFAULT_FROM').and_return(env_var_default_from)
 
       password = SMTPCredentials.smtp_password
       username = SMTPCredentials.smtp_username
       url_host = SMTPCredentials.default_url_host
+      from = SMTPCredentials.default_from
 
       expect(password).to eq env_var_smtp_password
       expect(username).to eq env_var_smtp_username
       expect(url_host).to eq env_var_default_url_host
-    end
-  end
-
-  context 'parsing user provided service' do
-    it 'returns correct value' do
-      smtp_password_from_fixture = 'fakesmtppassword'
-      smtp_username_from_fixture = 'fakesmtpusername'
-      default_url_host_from_fixture = 'fakeurlhost.com'
-      default_from_from_fixture = 'info@localhost:3000'
-
-      password = SMTPCredentials.smtp_password(force_vcap: true)
-      username = SMTPCredentials.smtp_username(force_vcap: true)
-      url_host = SMTPCredentials.default_url_host(force_vcap: true)
-      from = SMTPCredentials.default_from
-
-      expect(password).to eq smtp_password_from_fixture
-      expect(username).to eq smtp_username_from_fixture
-      expect(url_host).to eq default_url_host_from_fixture
-      expect(from).to eq default_from_from_fixture
+      expect(from).to eq env_var_default_from
     end
   end
 end

spec/mailers/auction_mailer_spec.rb

@@ -13,7 +13,7 @@
         I18n.t('mailers.auction_mailer.losing_bidder_notification.subject')
       )
       expect(email.subject).to eq I18n.t('mailers.auction_mailer.losing_bidder_notification.subject')
-      expect(email.from).to eq SMTPCredentials.default_from
+      expect(email.from).to eq [SMTPCredentials.default_from]
       expect(email.body.encoded).to include(
         I18n.t(
           'mailers.auction_mailer.losing_bidder_notification.para_1',