Prepare production environment

[seamussmith]

• Start setting up environment in Heroku
• Configure secrets
• GitHub Integration
• Configure application for production
  • settings.py
  • Procfile
  • Deploy script
• Configure Google Cloud to accept new domain for app
• HTTPS redirection

Django check --deploy output

I have not fully researched the meaning of all of these outputs, so I made them into a checklist.

• You have not set a value for the SECURE_HSTS_SECONDS setting. If your entire site is served only over SSL, you may want to consider setting a value and enabling HTTP Strict Transport Security. Be sure to read the documentation first; enabling HSTS carelessly can cause serious, irreversible problems.
• Your SECURE_SSL_REDIRECT setting is not set to True. Unless your site should be available over both SSL and non-SSL connections, you may want to either set this setting True or configure a load balancer or reverse-proxy server to redirect all connections to HTTPS.
• Your SECRET_KEY has less than 50 characters, less than 5 unique characters, or it's prefixed with 'django-insecure-' indicating that it was generated automatically by Django. Please generate a long and random SECRET_KEY, otherwise many of Django's security-critical features will be vulnerable to attack.
  • This one was a false positive. We already get our secret key from an environment var. If no SECRET_KEY is set when DEBUG = True, I configured it to throw an exception.
• SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
• You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.

[seamussmith]

Heroku is having issues with installing django-compressor dependency when trying to deploy.

Have a log:

-----> Installing pip 21.3.1, setuptools 57.5.0 and wheel 0.37.0
WARNING: Error parsing requirements for django: [Errno 2] No such file or directory: '/tmp/build_29664ba1/.heroku/python/lib/python3.10/site-packages/Django-4.0.3.dist-info/METADATA'
-----> Installing dependencies with Pipenv 2020.11.15
       Installing dependencies from Pipfile...
       An error occurred while installing django-compressor! Will try again.
       Installing initially failed dependencies...
       [InstallError]:   File "/app/.heroku/python/lib/python3.10/site-packages/pipenv/cli/command.py", line 233, in install
       [InstallError]:       retcode = do_install(
       [InstallError]:   File "/app/.heroku/python/lib/python3.10/site-packages/pipenv/core.py", line 2052, in do_install
       [InstallError]:       do_init(
       [InstallError]:   File "/app/.heroku/python/lib/python3.10/site-packages/pipenv/core.py", line 1304, in do_init
       [InstallError]:       do_install_dependencies(
       [InstallError]:   File "/app/.heroku/python/lib/python3.10/site-packages/pipenv/core.py", line 899, in do_install_dependencies
       [InstallError]:       batch_install(
       [InstallError]:   File "/app/.heroku/python/lib/python3.10/site-packages/pipenv/core.py", line 796, in batch_install
       [InstallError]:       _cleanup_procs(procs, failed_deps_queue, retry=retry)
       [InstallError]:   File "/app/.heroku/python/lib/python3.10/site-packages/pipenv/core.py", line 703, in _cleanup_procs
       [InstallError]:       raise exceptions.InstallError(c.dep.name, extra=err_lines)
       [pipenv.exceptions.InstallError]: Collecting django-compressor
       [pipenv.exceptions.InstallError]:   Using cached django_compressor-3.1-py2.py3-none-any.whl (149 kB)
       [pipenv.exceptions.InstallError]: Collecting django-appconf>=1.0.3
       [pipenv.exceptions.InstallError]:   Using cached django_appconf-1.0.5-py3-none-any.whl (6.4 kB)
       [pipenv.exceptions.InstallError]: Collecting rjsmin==1.2.0
       [pipenv.exceptions.InstallError]:   Using cached rjsmin-1.2.0-cp310-cp310-manylinux2014_x86_64.whl (47 kB)
       [pipenv.exceptions.InstallError]: Collecting rcssmin==1.1.0
       [pipenv.exceptions.InstallError]:   Using cached rcssmin-1.1.0-cp310-cp310-manylinux1_x86_64.whl (43 kB)
       [pipenv.exceptions.InstallError]: Requirement already satisfied: django in ./.heroku/python/lib/python3.10/site-packages (from django-appconf>=1.0.3->django-compressor->-r /tmp/pipenv-rb18e82b-requirements/pipenv-modu4n2z-requirement.txt (line 1)) (4.0.3)
       [pipenv.exceptions.InstallError]: ERROR: Could not install packages due to an OSError: [Errno 2] No such file or directory: '/tmp/build_29664ba1/.heroku/python/lib/python3.10/site-packages/Django-4.0.3.dist-info/METADATA'
       ERROR: Couldn't install package: django-compressor
        Package installation failed...
 !     Push rejected, failed to compile Python app.
 !     Push failed