Merge branch 'main' into 350-restore-the-time-series-to-the-variable-…

…summaries

.dockerignore

@@ -1,5 +1,5 @@
 **/__pycache__/
 node_modules/
-/tmp
+**/tmp
 
 *.pyc

.github/ISSUE_TEMPLATE/change_request.md

@@ -0,0 +1,13 @@
+---
+name: Change Request
+about: Request an improvement to the application
+labels: request
+---
+
+## Describe the motiviation for the change
+
+Let us know why this change would be useful to you. What are you trying to accomplish that you can’t? What is tripping you up with the application as it exists today?
+
+## Describe the change
+
+This could be a new feature, or a change to an existing feature. You’re welcome to leave this blank.

.github/dependabot.yml

@@ -11,31 +11,43 @@ updates:
       interval: "weekly"
     pull-request-branch-name:
       separator: "-" # Use "-" instead of "/" in branch names to avoid issues with docker registries
+    assignees:
+      - "ian-noaa"
 
   - package-ecosystem: "docker"
     directory: "/"
     schedule:
       interval: "weekly"
     pull-request-branch-name:
       separator: "-" # Use "-" instead of "/" in branch names to avoid issues with docker registries
+    assignees:
+      - "ian-noaa"
 
   - package-ecosystem: "pip"
-    directory: "/services/api"
-    schedule:
-      interval: "monthly"
-    pull-request-branch-name:
-      separator: "-" # Use "-" instead of "/" in branch names to avoid issues with docker registries
-
-  - package-ecosystem: "pip"
-    directory: "/services/data"
+    directory: "/"
     schedule:
-      interval: "monthly"
+      interval: "weekly"
     pull-request-branch-name:
       separator: "-" # Use "-" instead of "/" in branch names to avoid issues with docker registries
+    assignees:
+      - "ian-noaa"
+    groups:
+      pip-dependencies:
+        patterns:
+        # Ideally, we could split this into dev and application dependencies.
+        # However, then we'd have to maintain our dependencies list here as
+        # well as in the pyproject.toml file.
+        - "*"
 
   - package-ecosystem: "npm"
-    directory: "/services/api"
+    directory: "/"
     schedule:
-      interval: "monthly"
+      interval: "weekly"
     pull-request-branch-name:
       separator: "-" # Use "-" instead of "/" in branch names to avoid issues with docker registries
+    assignees:
+      - "ian-noaa"
+    groups:
+      npm-dependencies:
+        patterns:
+        - "*"

.github/workflows/api-cleanup-pr-images.yaml

@@ -35,7 +35,7 @@ jobs:
     concurrency: vlab
     steps:
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

.github/workflows/api.yaml

@@ -9,14 +9,24 @@ on:
     paths:
       - "src/**/*.py"
       - "src/**/*.html"
+      - "tests/**/*"
       - ".github/workflows/**"
       - ".github/scripts/**"
+      - "pyproject.toml"
+      - "poetry.lock"
+      - "docker/app/**"
+      - "docker/diag-etl/**"
   pull_request:
     paths:
       - "src/**/*.py"
       - "src/**/*.html"
+      - "tests/**/*"
       - ".github/workflows/**"
       - ".github/scripts/**"
+      - "pyproject.toml"
+      - "poetry.lock"
+      - "docker/app/**"
+      - "docker/diag-etl/**"
   workflow_dispatch: # Manually
 env:
   REGISTRY: ghcr.io/noaa-gsl/unified-graphics
@@ -25,15 +35,15 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Install poetry
         run: pipx install poetry
       - uses: actions/setup-python@v4
         with:
-          python-version: "3.9"
+          python-version: "3.10"
       - name: Install dependencies
         run: |
-          poetry env use 3.9
+          poetry env use 3.10
           poetry install
       - name: Lint with Black
         run: poetry run black --check .
@@ -44,15 +54,15 @@ jobs:
   type-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Install poetry
         run: pipx install poetry
       - uses: actions/setup-python@v4
         with:
-          python-version: "3.9"
+          python-version: "3.10"
       - name: Install dependencies
         run: |
-          poetry env use 3.9
+          poetry env use 3.10
           poetry install
       - name: Check Types with mypy
         run: poetry run mypy src/
@@ -73,19 +83,19 @@ jobs:
         ports:
           - "5432:5432"
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Install poetry
         run: pipx install poetry
       - uses: actions/setup-python@v4
         with:
-          python-version: "3.9"
+          python-version: "3.10"
       - name: Install dependencies
         run: |
-          poetry env use 3.9
+          poetry env use 3.10
           poetry install
       - name: Test
         run: |
-          poetry run coverage run -m pytest --tb=no
+          poetry run coverage run -m pytest tests/
           poetry run coverage report
           poetry run coverage xml
       - name: Code Coverage Report
@@ -113,14 +123,14 @@ jobs:
     permissions:
       packages: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Build & tag image
         run: |
           docker build -t ${{ env.REGISTRY }}/api:${{ env.BRANCH }} -f docker/app/Dockerfile .
       - name: Login to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -134,14 +144,14 @@ jobs:
     permissions:
       packages: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Build & tag image
         run: |
           docker build -t ${{ env.REGISTRY }}/data:${{ env.BRANCH }} -f docker/diag-etl/Dockerfile .
       - name: Login to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -153,7 +163,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: build_app
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Scan image with Trivy
@@ -177,7 +187,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: build_diag_etl
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Scan image with Trivy
@@ -204,23 +214,23 @@ jobs:
     concurrency: vlab
     needs: [scan_app, scan_diag_etl]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Login to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: us-east-1
       - name: Login to ECR
-        uses: aws-actions/amazon-ecr-login@v1
+        uses: aws-actions/amazon-ecr-login@v2
       - name: retag image and push
         run: |
           docker pull ${{ env.REGISTRY }}/api:${{ env.BRANCH }}

.github/workflows/check-ci.yaml

@@ -14,7 +14,7 @@ jobs:
   check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Install dependencies
         run: |
           pip install black flake8 pytest mypy

.github/workflows/ui-cleanup-pr-images.yaml

@@ -30,7 +30,7 @@ jobs:
     concurrency: vlab
     steps:
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

.github/workflows/ui.yaml

@@ -13,6 +13,7 @@ on:
       - "src/*/static/**"
       - ".github/workflows/**"
       - ".github/scripts/**"
+      - "docker/webserver/**"
   pull_request:
     paths:
       - ".nvmrc"
@@ -21,6 +22,7 @@ on:
       - "src/*/static/**"
       - ".github/workflows/**"
       - ".github/scripts/**"
+      - "docker/webserver/**"
   workflow_dispatch: # Manually
 env:
   REGISTRY: ghcr.io/noaa-gsl/unified-graphics/ui
@@ -29,7 +31,7 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-node@v3
         with:
           node-version-file: ".nvmrc"
@@ -44,7 +46,7 @@ jobs:
   #   permissions:
   #     pull-requests: write
   #   steps:
-  #     - uses: actions/checkout@v3
+  #     - uses: actions/checkout@v4
   #     - uses: actions/setup-node@v3
   #       with:
   #         node-version-file: ".nvmrc"
@@ -84,14 +86,14 @@ jobs:
     permissions:
       packages: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Build & tag image
         run: |
           docker build -t ${{ env.REGISTRY }}:${{ env.BRANCH }} -f docker/webserver/Dockerfile .
       - name: Login to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -103,7 +105,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Scan image with Trivy
@@ -130,23 +132,23 @@ jobs:
     concurrency: vlab
     needs: scan
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Extract branch/tag name
         run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH
       - name: Login to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: us-east-1
       - name: Login to ECR
-        uses: aws-actions/amazon-ecr-login@v1
+        uses: aws-actions/amazon-ecr-login@v2
       - name: retag image and push
         run: |
           docker pull ${{ env.REGISTRY }}:${{ env.BRANCH }}