riskHeatMap

threejs risk-based heatmap

Перейти к файлу

Jeff Bryner f49add785a log error only if error		2018-11-28 10:51:12 -08:00
css	add local style	2018-11-26 13:36:24 -08:00
heatmap	log error only if error	2018-11-28 10:51:12 -08:00
observatory	add observatory dir	2017-07-14 16:14:58 -07:00
templates	remove flask bootstrap	2018-11-26 13:35:23 -08:00
.gitignore	update ignore	2018-11-21 11:56:07 -08:00
CONTRIBUTING.md	Create CONTRIBUTING.md	2017-02-13 08:46:37 -08:00
MANIFEST.in	Replaced with base flaskoktaapp	2016-05-04 14:49:47 -07:00
Pipfile	pipfile	2018-11-20 16:27:08 -08:00
Pipfile.lock	update pip lock file	2017-07-14 16:17:25 -07:00
README.rst	readme updates	2017-07-14 15:13:13 -07:00
app.py	json the json, form-action	2018-11-26 15:49:58 -08:00
attach_policy.json	add attach_policy	2017-07-14 16:13:25 -07:00
auth.py	new zappa versions	2017-05-30 11:33:26 -07:00
config.dev.yml	new dev config	2018-11-20 16:26:39 -08:00
config.prod.yml	prod config	2018-11-21 09:07:24 -08:00
config.py	sync with new flask oidc module	2018-11-20 16:26:27 -08:00
decorators.py	add decorators	2018-11-26 13:35:30 -08:00
env.example	new zappa versions	2017-05-30 11:33:26 -07:00
index.html	local style	2018-11-26 13:35:56 -08:00
package.json	serverless package	2018-11-20 16:27:52 -08:00
serverless.yml	variable the bucket name	2018-11-21 11:55:59 -08:00

README.rst

Overview
========

A dashboard site for the risk heatmap and the observatory dashboard.
Hosted in AWS, lambda/serverless via the zappa framework. 

The risk heatmap and observatory dashboard are just plain html/js files. The AWS/Zappa bits are just for scaling and authentication.


Environment
-----------
The easiest way to mimic the AWS lambda environment is to use a docker container that matches the architecture. Especially helpful with crypto libraries used in OIDC authentication:

Container:
==========
    Get one from: https://github.com/danielwhatmuff/zappa
    
    docker pull danielwhatmuff/zappa
    
    or
    
    git clone git@github.com:danielwhatmuff/zappa.git && cd zappa && docker build -t zappa .

Enter the container in your working directory with a zappa shell:
    docker run -ti -v ~/.aws:/root/.aws -v /path/to/your/project/:/root/your/project zappa bash

Python:
=======
    I like pipenv: pip install pipenv
    https://github.com/kennethreitz/pipenv
    
    
Zappa:
======
    The zappa_settings.yaml file contains the environment settings that will inform the zappa API gateway 'stage' environment.
    Of these the
        SERVER_NAME: fqdn.of.your.web.server.url
    is the most important. Flask will 404 anything sent to it via another URL (ip address, alias, etc)
    For OIDC this also needs to match the relying party (RP) FQDN.
    
    The profile_name should match one in your ~/.aws/config that has reasonable privileges to create the AWS items zappa relies on:
    API Gateway
    IAM Role
    s3 bucket
    lambda function
    
    Something like:
    [profile devadmin]
    role_arn = arn:aws:iam::<accountnumber>:role/<rolename>
    source_profile = default
    mfa_serial = arn:aws:iam::<accountnumber>:mfa/<mfatokenname>
    
API Gateway:
============
    The link between dns and lambda is provided by the API Gateway "Custom Domain" feature. Zappa will create this for you in the us-east-1 region. If not in that region, create
    a custom domain specifying:
    1) The ACM Certificate for your domain
    2) The base path mapping which mapps the url / to the API Gateway stage (likely api-gateway-name:dev)
    3) The cloudfront distribution name (autogenerated by creating a custom domain)
    

Login
-----
This configuration of the riskheatmap uses auth0 OIDC. 


Contacts
--------
Jeff Bryner <jbryner@mozilla.org>
April King  <april@mozilla.org>