-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #20 from VishwamAI/devin-ci-cd-updates-final
Update CI/CD Maintenance Tasks
- Loading branch information
Showing
1,979 changed files
with
313,135 additions
and
1,232 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -31,6 +31,9 @@ jobs: | |
| cd src/growers-gate-frontend | ||
| npm ci | ||
| - name: Run linter | ||
| env: | ||
| NODE_ENV: production | ||
| BABEL_ENV: production | ||
| run: | | ||
| cd src/growers-gate-frontend | ||
| npm run lint | ||
|
|
@@ -64,6 +67,9 @@ jobs: | |
| cd src/growers-gate-frontend | ||
| npm ci | ||
| - name: Run frontend tests | ||
| env: | ||
| NODE_ENV: test | ||
| BABEL_ENV: test | ||
| run: | | ||
| cd src/growers-gate-frontend | ||
| npm test -- --coverage | ||
|
|
@@ -75,25 +81,37 @@ jobs: | |
| needs: lint | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Set up Python | ||
| uses: actions/setup-python@v2 | ||
| - name: Set up Node.js | ||
| uses: actions/setup-node@v2 | ||
| with: | ||
| python-version: '3.x' | ||
| - name: Cache pip packages | ||
| node-version: '18.x' | ||
| - name: Cache node modules | ||
| uses: actions/cache@v2 | ||
| env: | ||
| cache-name: cache-node-modules | ||
| with: | ||
| path: ~/.cache/pip | ||
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | ||
| path: ~/.npm | ||
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-pip- | ||
| ${{ runner.os }}-build-${{ env.cache-name }}- | ||
| ${{ runner.os }}-build- | ||
| ${{ runner.os }}- | ||
| - name: Start MongoDB | ||
| uses: supercharge/[email protected] | ||
| with: | ||
| mongodb-version: '6.0' | ||
| - name: Install backend dependencies | ||
| run: | | ||
| cd src/growers-gate-backend | ||
| pip install -r requirements.txt | ||
| npm ci | ||
| - name: Run backend tests | ||
| env: | ||
| MONGODB_URI: mongodb://localhost:27017/growers_gate_test | ||
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | ||
| OTP_SECRET: ${{ secrets.OTP_SECRET }} | ||
| run: | | ||
| cd src/growers-gate-backend | ||
| python -m pytest --cov=./ --cov-report=xml | ||
| npm test -- --coverage | ||
| - name: Upload coverage to Codecov | ||
| uses: codecov/codecov-action@v1 | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| # Growers Gate | ||
|
|
||
| Growers Gate is a web application platform designed to connect farmers directly with consumers, allowing them to sell vegetables and other products with home delivery options. It aims to streamline the farm-to-table process, ensuring fresh produce delivery while supporting local growers. | ||
| Growers Gate is a comprehensive web application platform designed to connect farmers directly with consumers, facilitating the sale of vegetables and other agricultural products with home delivery options. Our mission is to streamline the farm-to-table process, ensuring fresh produce delivery while supporting local growers. | ||
|
|
||
| ## Table of Contents | ||
| - [Project Overview](#project-overview) | ||
|
|
@@ -9,7 +9,9 @@ Growers Gate is a web application platform designed to connect farmers directly | |
| - [Installation and Setup](#installation-and-setup) | ||
| - [Usage](#usage) | ||
| - [API Endpoints](#api-endpoints) | ||
| - [Two-Factor Authentication (2FA)](#two-factor-authentication-2fa) | ||
| - [File Structure](#file-structure) | ||
| - [CI/CD Workflow](#cicd-workflow) | ||
| - [Contributing](#contributing) | ||
| - [License](#license) | ||
| - [Contact](#contact) | ||
|
|
@@ -20,35 +22,53 @@ Growers Gate empowers farmers by offering them a platform to list their products | |
|
|
||
| ## Features | ||
|
|
||
| - **Dashboard**: An overview for users to see their products, sales, and earnings. | ||
| - **Products Management**: Farmers can add, edit, or remove products from their listings. | ||
| - **Cart**: Consumers can add products to their cart for purchase. | ||
| - **Transactions**: Keep track of orders, payment history, and more. | ||
| - **Delivery Management**: An interface for tracking and managing delivery schedules and orders. | ||
| - **Login and Registration**: Easy signup and login for both farmers and consumers. | ||
| - **User Roles**: Separate interfaces for farmers and consumers with tailored functionalities. | ||
| - **Responsive Design**: Mobile-friendly for ease of use on both desktop and mobile devices. | ||
| - **User Authentication**: Secure login and registration system with role-based access control. | ||
| - **Two-Factor Authentication (2FA)**: Enhanced security using app-based 2FA. | ||
| - **Dashboards**: | ||
| - **Farmer Dashboard**: Manage products, view sales, handle orders, access analytics, and request support. | ||
| - **User Dashboard**: Browse products, manage cart, place orders, and view order history. | ||
| - **Admin Dashboard**: Manage all users, products, orders, and view comprehensive analytics. | ||
| - **Rider Dashboard**: | ||
| - Manage deliveries and update order statuses with OTP verification | ||
| - View and manage payment details | ||
| - Access performance metrics and analytics | ||
| - Handle support requests | ||
| - **Product Management**: Farmers can add, edit, or remove products from their listings. | ||
| - **Order Management**: Comprehensive system for tracking and managing orders across all user types. | ||
| - **Cart and Checkout**: Seamless shopping experience for consumers. | ||
| - **Support System**: In-built support request functionality for all users. | ||
| - **Analytics and Insights**: Detailed analytics for farmers, riders, and admins. | ||
| - **Payment Management**: Secure payment processing and tracking for all transactions. | ||
| - **Responsive Design**: Mobile-friendly interface for all user types. | ||
|
|
||
| ## Technology Stack | ||
|
|
||
| **Frontend**: | ||
| - React.js | ||
| - CSS Modules | ||
| - Chart.js for data visualization | ||
| - React.js (v18.3.1) | ||
| - Tailwind CSS for styling | ||
| - Chart.js and react-chartjs-2 for data visualization | ||
| - React Router for navigation | ||
| - React Hook Form for form management | ||
| - Yup for form validation | ||
| - Axios for API requests | ||
| - JWT-decode for token handling | ||
|
|
||
| **Backend**: | ||
| - Node.js | ||
| - Express.js | ||
| - MongoDB for data storage | ||
| - JWT for authentication | ||
| - Bcrypt for password hashing | ||
| - Speakeasy for 2FA | ||
| - Speakeasy and QRCode for 2FA implementation | ||
| - Express-validator for input validation | ||
| - Express-rate-limit for API rate limiting | ||
|
|
||
| **Other Tools**: | ||
| - Git (Version control) | ||
| - NPM (Package manager) | ||
| **Development Tools**: | ||
| - Git for version control | ||
| - NPM for package management | ||
| - Dotenv for environment variable management | ||
| - Jest and Supertest for testing | ||
| - ESLint and Prettier for code formatting | ||
|
|
||
| ## Installation and Setup | ||
|
|
||
|
|
@@ -64,8 +84,8 @@ Ensure you have the following installed: | |
|
|
||
| 1. **Clone the repository**: | ||
| ```bash | ||
| git clone https://github.com/yourusername/growers-gate.git | ||
| cd growers-gate | ||
| git clone https://github.com/VishwamAI/Growers-Gate.git | ||
| cd Growers-Gate | ||
| ``` | ||
|
|
||
| 2. **Install dependencies**: | ||
|
|
@@ -82,9 +102,12 @@ Ensure you have the following installed: | |
| 3. **Set up environment variables**: | ||
| Create a `.env` file in the `src/growers-gate-backend` directory with the following: | ||
| ``` | ||
| MONGODB_URI=mongodb://localhost:27017/growers_gate | ||
| JWT_SECRET=your_jwt_secret_here | ||
| PORT=3001 | ||
| MONGODB_URI=mongodb://localhost:27017/growers_gate_test | ||
| JWT_SECRET=your_strong_jwt_secret_here | ||
| PORT=8080 | ||
| NODE_ENV=production | ||
| API_BASE_URL=https://api.growers-gate.com | ||
| OTP_SECRET=your_strong_otp_secret_here | ||
| ``` | ||
|
|
||
| 4. **Start MongoDB**: | ||
|
|
@@ -108,59 +131,139 @@ Ensure you have the following installed: | |
|
|
||
| ## Usage | ||
|
|
||
| - **Registration**: Users can sign up as either farmers or consumers. | ||
| - **Login**: Existing users can log in to access their dashboard. | ||
| - **Dashboard**: | ||
| - Farmers can manage their products, view sales, and handle orders. | ||
| - Consumers can browse products, add items to cart, and place orders. | ||
| - **Products**: Farmers can add, edit, or remove products from their listings. | ||
| - **Cart**: Consumers can review their cart and proceed to checkout. | ||
| - **Transactions**: Users can view their order history and transaction details. | ||
| 1. **Registration**: Sign up as a farmer, consumer, or rider. | ||
| 2. **Login**: Access your role-specific dashboard. | ||
| 3. **Two-Factor Authentication**: Set up 2FA in your profile settings for enhanced security. | ||
| 4. **Farmer Operations**: | ||
| - Manage products (add, edit, remove) | ||
| - View and manage orders | ||
| - Access sales analytics | ||
| - Request support | ||
| 5. **Consumer Operations**: | ||
| - Browse products | ||
| - Add items to cart | ||
| - Place orders | ||
| - View order history | ||
| 6. **Rider Operations**: | ||
| - View assigned deliveries | ||
| - Update delivery statuses with OTP verification | ||
| - Access performance metrics | ||
| - View and manage payment details | ||
| 7. **Admin Operations**: | ||
| - Manage all users, products, and orders | ||
| - View comprehensive analytics | ||
| - Handle support requests | ||
|
|
||
| ## API Endpoints | ||
|
|
||
| - `POST /register`: User registration | ||
| - `POST /login`: User login | ||
| - `POST /verify-2fa`: Two-factor authentication verification | ||
| - `POST /logout`: User logout | ||
| - `POST /forgot-password`: Initiate password reset | ||
| - `POST /reset-password`: Complete password reset | ||
| - `GET /dashboard`: Fetch dashboard data (protected route) | ||
|
|
||
| For detailed API documentation, refer to the backend code or set up Swagger documentation. | ||
| - `POST /generate-rider-otp`: Generate OTP for rider authentication | ||
| - `POST /products`: Create a new product (for farmers) | ||
| - `GET /products`: Fetch all products | ||
| - `PUT /products/:id`: Update a product | ||
| - `DELETE /products/:id`: Delete a product | ||
| - `GET /orders`: Fetch orders based on user role | ||
| - `GET /api/farmer/analytics/sales`: Fetch farmer sales analytics | ||
| - `GET /api/farmer/analytics/products`: Fetch farmer product analytics | ||
| - `GET /api/farmer/analytics/customers`: Fetch farmer customer analytics | ||
| - `GET /rider/payments`: Fetch rider payment details | ||
| - `GET /knowledge-base`: Fetch knowledge base articles for riders | ||
| - `POST /refresh-token`: Refresh JWT token | ||
|
|
||
| For detailed API documentation and request/response formats, refer to the backend code in `src/growers-gate-backend/api.js`. | ||
|
|
||
| ## Two-Factor Authentication (2FA) | ||
|
|
||
| Growers Gate implements app-based two-factor authentication for enhanced security: | ||
|
|
||
| 1. **Setup**: Users can enable 2FA in their profile settings. | ||
| 2. **Process**: | ||
| - A QR code and secret key are generated for the user. | ||
| - User scans the QR code with an authenticator app (e.g., Google Authenticator). | ||
| - User enters the 6-digit code from the app to verify and enable 2FA. | ||
| 3. **Login**: After enabling 2FA, users need to enter a code from their authenticator app during login. | ||
| 4. **Security**: 2FA adds an extra layer of protection against unauthorized access. | ||
|
|
||
| For implementation details, see the `ProfileManagement.js` component and the `/verify-2fa` API endpoint. | ||
|
|
||
| ## Additional Security Measures | ||
|
|
||
| Growers Gate implements several security measures to enhance the overall security of the application: | ||
|
|
||
| 1. **Secure Headers**: The application uses the Helmet middleware to set various HTTP headers for improved security. | ||
| 2. **Rate Limiting**: Enhanced rate limiting is implemented to prevent abuse and protect against brute-force attacks. | ||
| 3. **Input Validation**: Improved input validation is used throughout the application, especially during user registration and login processes. | ||
| 4. **Password Security**: The system checks for common passwords and leaked passwords during registration. | ||
| 5. **Account Locking**: Multiple failed login attempts result in temporary account locking. | ||
|
|
||
| ### Testing Security Features | ||
|
|
||
| To test these security features: | ||
|
|
||
| 1. **Helmet Headers**: Use a tool like [securityheaders.com](https://securityheaders.com) to check the HTTP headers of your deployed application. | ||
| 2. **Rate Limiting**: | ||
| - Make multiple rapid requests to an endpoint (e.g., login) and observe the 429 (Too Many Requests) response after exceeding the limit. | ||
| - Wait for the time window to reset and verify that requests are allowed again. | ||
| 3. **Input Validation**: | ||
| - Attempt to register with invalid inputs (e.g., weak password, invalid email) and verify that appropriate error messages are returned. | ||
| - Try to inject malicious scripts in input fields and ensure they are properly sanitized. | ||
| 4. **Password Security**: | ||
| - Attempt to register with a common password (e.g., "password123") and verify that it's rejected. | ||
| - Use a known leaked password and ensure the system prevents its use. | ||
| 5. **Account Locking**: | ||
| - Attempt multiple incorrect logins for a user and verify that the account gets locked after a certain number of attempts. | ||
| - Verify that a locked account cannot be accessed even with correct credentials until the lock period expires. | ||
|
|
||
| For detailed implementation of these security measures, refer to the backend code in `src/growers-gate-backend/api.js`. | ||
|
|
||
| ## File Structure | ||
|
|
||
| ``` | ||
| growers-gate/ | ||
| Growers-Gate/ | ||
| ├── src/ | ||
| │ ├── growers-gate-frontend/ | ||
| │ │ ├── public/ | ||
| │ │ ├── src/ | ||
| │ │ │ ├── components/ | ||
| │ │ │ │ ├── FarmerDashboard.js | ||
| │ │ │ │ ├── AdminDashboard.js | ||
| │ │ │ │ ├── RiderDashboard.js | ||
| │ │ │ │ ├── ProfileManagement.js | ||
| │ │ │ │ └── ... | ||
| │ │ │ ├── utils/ | ||
| │ │ │ │ └── tokenUtils.js | ||
| │ │ │ ├── App.js | ||
| │ │ │ ├── index.js | ||
| │ │ │ └── ... | ||
| │ │ └── package.json | ||
| │ │ │ └── index.js | ||
| │ │ ├── package.json | ||
| │ │ └── .env | ||
| │ └── growers-gate-backend/ | ||
| │ ├── api.js | ||
| │ ├── .env | ||
| │ └── package.json | ||
| ├── .github/ | ||
| │ └── workflows/ | ||
| │ └── ci.yml | ||
| ├── lighthouserc.json | ||
| └── README.md | ||
| ``` | ||
|
|
||
| - `src/growers-gate-frontend/`: React frontend application | ||
| - `src/growers-gate-backend/`: Node.js/Express backend application | ||
| - `src/growers-gate-frontend/src/components/`: React components (Dashboard, LoginSignup, etc.) | ||
| - `src/growers-gate-backend/api.js`: Main backend file with API routes and MongoDB connection | ||
|
|
||
| ## CI/CD Workflow | ||
|
|
||
| Our CI/CD pipeline has been significantly improved to ensure code quality and streamline the deployment process: | ||
| Our CI/CD pipeline ensures code quality and streamlines the deployment process: | ||
|
|
||
| - **Linting**: Automated code style and quality checks for both frontend and backend. | ||
| - **Caching**: Implemented caching for node modules and pip packages to speed up builds. | ||
| - **Parallel Execution**: Frontend and backend tests run concurrently for faster feedback. | ||
| - **Code Coverage**: Integrated with Codecov for detailed code coverage reporting. | ||
| - **Performance Testing**: Lighthouse CI runs performance audits on every build. | ||
| - **Deployment**: Automated deployment to Netlify (frontend) and Heroku (backend) on successful builds. | ||
| - **Linting**: Automated code style and quality checks using ESLint. | ||
| - **Testing**: Jest for unit and integration tests. | ||
| - **Caching**: Implemented for node modules to speed up builds. | ||
| - **Parallel Execution**: Frontend and backend tests run concurrently. | ||
| - **Code Coverage**: Integrated with Codecov for detailed reporting. | ||
| - **Performance Testing**: Lighthouse CI for performance audits. | ||
| - **Deployment**: Automated deployment to Netlify (frontend). | ||
| - **Notifications**: Slack notifications for deployment status updates. | ||
|
|
||
| For more details, see the `.github/workflows/ci.yml` file in the repository. | ||
|
|
@@ -175,6 +278,8 @@ Contributions to Growers Gate are welcome! Please follow these steps: | |
| 4. Push to the branch: `git push origin feature/your-feature-name` | ||
| 5. Submit a pull request | ||
|
|
||
| Please ensure your code adheres to the project's coding standards and includes appropriate tests. | ||
|
|
||
| ## License | ||
|
|
||
| This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. | ||
|
|
@@ -184,3 +289,4 @@ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file | |
| For any queries or suggestions, please contact: | ||
| - **Project Lead**: Kasinadh Sarma | ||
| - **Email**: [email protected] | ||
| - **GitHub**: [VishwamAI](https://github.com/VishwamAI) | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| { | ||
| "ci": { | ||
| "collect": { | ||
| "numberOfRuns": 3, | ||
| "startServerCommand": "npm run start", | ||
| "url": [ | ||
| "http://localhost:3000" | ||
| ] | ||
| }, | ||
| "assert": { | ||
| "preset": "lighthouse:recommended", | ||
| "assertions": { | ||
| "categories:performance": ["error", {"minScore": 0.8}], | ||
| "categories:accessibility": ["error", {"minScore": 0.9}], | ||
| "categories:best-practices": ["error", {"minScore": 0.9}], | ||
| "categories:seo": ["error", {"minScore": 0.9}] | ||
| } | ||
| }, | ||
| "upload": { | ||
| "target": "temporary-public-storage" | ||
| } | ||
| } | ||
| } |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.