Skip to content
This repository has been archived by the owner on Dec 22, 2023. It is now read-only.

alphagov/verify-self-service

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,374 Commits
.github
.github
 
 
app
app
 
 
bin
bin
 
 
config
config
 
 
db
db
 
 
doc/adr
doc/adr
 
 
lib
lib
 
 
public
public
 
 
spec
spec
 
 
tools
tools
 
 
vendor
vendor
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.rubocop.yml
.rubocop.yml
 
 
.ruby-version
.ruby-version
 
 
.travis.yml
.travis.yml
 
 
Dockerfile
Dockerfile
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
config.ru
config.ru
 
 
docker-run.sh
docker-run.sh
 
 
entrypoint.sh
entrypoint.sh
 
 
manifest-db-migration.yml
manifest-db-migration.yml
 
 
manifest.yml
manifest.yml
 
 
package.json
package.json
 
 
pre-commit-local.sh
pre-commit-local.sh
 
 
pre-commit.sh
pre-commit.sh
 
 
run.Dockerfile
run.Dockerfile
 
 
startup.sh
startup.sh
 
 
test.Dockerfile
test.Dockerfile
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

Verify Self Service Platform

GOV.UK Verify has closed

This repository is out of date and has been archived

A Ruby on Rails application for the Verify self-service configuration management platform.

Currently provides functionality to:

  • rotate (upload) encryption and signing certificates for the connected services (for both production and integration environments)
  • publish the certificates to S3 bucket which is then consumed by Verify Hub
  • notify users of expiring certificates (30, 14 and 3 days in advance)
  • authenticate users (using AWS Cognito) with enforced MFA
  • user management for team admins/user managers (invite, delete, reset passwords)

Technical Documentation

Architecture Decision Records can be found in doc/adr/.

The application is being developed using the principle of Event Sourcing. Please see doc/adr/0002-use-event-sourcing.md to understand why we made that decision and how we are doing it.

Further information on how to support the appplication can be found in the Verify Team Manual.

Running the application

You can start the application with:

./startup.sh

Use these credentials when running Self-Service locally

  • email: any email address
  • password: any password with at least 8 characters

Running the tests

Test are run in docker environment pegged to use firefox-esr and can be run as follows:

./pre-commit-local.sh will run the tests.

You can use bundle exec rspec $PATH_TO_SPEC to run individual spec files.

Linting

This is done using Rubocop and the govuk-lint rules. It runs with the pre-commit but you can also run it manually:

bundle exec rubocop

To automagically fix any issues use the -a flag:

bundle exec rubocop -a

Integrity checker when on-boarding a service

The /tools directory contains a script ./check.rb which allows us to check whether a service has been on-boarded correctly to the self-service app. There are a few steps required:

  1. Fully on-board the service (or MSA) to self-service, as per the team manual instructions

  2. Make sure the verify-hub-federation-config repository is on master and up-to-date

  3. Login to AWS using the gds-cli

    • gds aws verify-prod-a -e for the production environment
    • gds aws verify-integration-a -e for the integration environment

  4. Run the script using the environment and entityId you wish to check for

    ./check.rb <prod | integration> <entityId> [--msa optional]

    For example:

    ./check.rb prod http://prod-entity-id

The script will output whether the hub-fed-config is matching the config which self-service is publishing. This script can only be used while the certs are still in the hub-fed-config (i.e. before they were removed after the on-boarding)

Licence

MIT License

Code of Conduct

This project is developed under the Alphagov Code of Conduct

About

Verify self-service platform

Topics

verify

Resources

Readme

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

24 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 21

+ 7 contributors

Languages