Skip to content
This repository has been archived by the owner on Apr 23, 2024. It is now read-only.

palfrey/vellere

Repository files navigation

Vellere

Vellere approximately (in my rather bad Latin), means "they demolish". Specifically, it tells you about a particular category of demolition: Github vulnerability notifications. They are already visible via the Github Web UI, but only to admins, and only to those who both digging through the notifications. Vellere provides a slightly more usable interface, as well as the option for notifying users in Slack, thus encouraging people to maybe actually fix things....

Online version is at https://vellere.tevp.net/

Local install

  1. Install Python
  2. Create a Github OAuth app and export the client id/secret as environment variables called GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET
  3. Create a Slack App and export the client id/secret as environment variables called SLACK_CLIENT_ID and SLACK_CLIENT_SECRET
  4. pip install -r requirements.txt
  5. Optional: Setup a database (e.g. Postgres) and export the URL to the database as DATABASE_URL using the dj-database-url URL schema. If you don't do this, we'll use sqlite by default, which works fine for local dev.
  6. Optional: Export OAUTHLIB_INSECURE_TRANSPORT=1 for local dev without HTTPS
  7. python manage.py migrate
  8. python manage.py runserver

Wharf install

  1. Create a new app called Vellere.
  2. Set GITHUB_URL to https://github.com/palfrey/vellere.git
  3. Create a Postgres database
  4. Set the Slack/Github environment variables as per local install
  5. Deploy the app
  6. Configure a usable hostname and enable Let's Encrypt (as OAuth gets unhappy without HTTPS)