[ { "path": ".cfnlintrc.yaml", "content": "# The W2001 check is used to ignore the featurebranch.yaml DataLoadStackName parameter in the nested\n# stack fargate-featurebranch.yaml used to signal when the DataLoadHost UserData commands are complete.\n# Check if Parameters are Used\nignore_checks:\n - W2001\n" }, { "path": ".dockerignore", "content": "node_modules\nstatic-files\n" }, { "path": ".github/ISSUE_TEMPLATE/bug_report.md", "content": "---\nname: Bug report\nabout: Create a report to help us improve\n---\n\n**What behavior did you observe? Please describe the bug**\nA clear and concise description of what you experienced.\n\n**How can we reproduce the bug?**\nSteps to reproduce the behavior:\n\n1. Go to '...'\n2. Click on '....'\n3. Scroll down to '....'\n4. See error\n\n**What is the expected behavior?**\nA clear and concise description of what you expected to happen.\n\n**Got screenshots? This helps us identify the issue**\nAdd screenshots to help explain your problem.\n\n**Desktop (please complete the following information):**\n\n- OS: [e.g. iOS]\n- Browser [e.g. chrome, safari]\n\n**Additional context**\nAdd any other context about the problem here.\n" }, { "path": ".github/ISSUE_TEMPLATE/feature_request.md", "content": "---\nname: Feature request\nabout: Suggest an idea for this project\n---\n\n**User story/persona**\nAs {a user}, I want to {action} so that I can {goal}\n\n**Is your feature request related to a problem? Please describe.**\nA clear and concise description of what the problem is. Ex. I'm always frustrated when [...]\n\n**Additional context**\nAdd any other context or screenshots about the feature request here.\n\n**Acceptance Criteria**\nAdd a list items this new feature needs to meet. Ex: The user would not be able to submit a form if all the mandatory fields are not entered.\n\n**Acceptance Test:**\nAdd a list of steps to test for a user to check if functionality satisfies the acceptance criteria.\n" }, { "path": ".github/dependabot.yml", "content": "# To get started with Dependabot version updates, you'll need to specify which\n# package ecosystems to update and where the package manifests are located.\n# Please see the documentation for all configuration options:\n# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file\n\nversion: 2\nupdates:\n - package-ecosystem: 'github-actions' # See documentation for possible values\n directory: '/workflows' # Location of package manifests\n schedule:\n interval: 'weekly'\n - package-ecosystem: 'npm' # See documentation for possible values\n directory: '/' # Location of package manifests\n schedule:\n interval: 'daily'\n - package-ecosystem: 'pip' # See documentation for possible values\n directory: '/' # Location of package manifests\n schedule:\n interval: 'daily'\n" }, { "path": ".github/workflows/black.yml", "content": "name: Lint\n\non:\n workflow_dispatch:\n pull_request:\n branches: [main, 'feature-*', release]\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n\njobs:\n lint:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v6\n - uses: actions/setup-python@v6\n with:\n python-version: '3.12'\n - uses: psf/black@stable\n" }, { "path": ".github/workflows/build.yml", "content": "name: 'Build'\n\non:\n workflow_dispatch:\n pull_request:\n branches: [main, 'feature-*', release]\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n\njobs:\n build:\n name: Build\n runs-on: ubuntu-latest\n\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n # Semantic version range syntax or exact version of a Python version\n python-version: '3.12'\n # Optional - x64 or x86 architecture, defaults to x64\n architecture: 'x64'\n\n - name: Display Python version\n run: python -c \"import sys; print(sys.version)\"\n\n - name: build containers\n run: |\n docker build -t concordia .\n docker build -t concordia/importer --file importer/Dockerfile .\n docker build -t concordia/celerybeat --file celerybeat/Dockerfile .\n" }, { "path": ".github/workflows/codeql.yml", "content": "name: 'CodeQL Advanced'\n\non:\n workflow_dispatch:\n push:\n branches: [main, 'feature-*']\n pull_request:\n branches: [main, 'feature-*', release]\n paths-ignore:\n - docs/**\n - README.md\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n schedule:\n - cron: '20 23 * * 2'\n\njobs:\n analyze:\n name: Analyze (${{ matrix.language }})\n runs-on: ubuntu-latest\n\n permissions:\n actions: read\n contents: read\n security-events: write\n packages: read\n\n strategy:\n fail-fast: false\n matrix:\n include:\n - language: javascript-typescript\n build-mode: none\n - language: python\n build-mode: none\n\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Checkout repository\n uses: actions/checkout@v6\n\n - if: matrix.language == 'python'\n name: Setup python\n uses: actions/setup-python@v6\n with:\n python-version: '3.12'\n\n # Initializes the CodeQL tools for scanning.\n - name: Initialize CodeQL\n uses: github/codeql-action/init@v4\n with:\n languages: ${{ matrix.language }}\n build-mode: ${{ matrix.build-mode }}\n\n - if: matrix.language == 'python'\n run: |\n pip install -U packaging\n pip install -U setuptools\n pip install pipenv\n pipenv install --dev --deploy\n\n - name: Perform CodeQL Analysis\n uses: github/codeql-action/analyze@v4\n with:\n category: '/language:${{matrix.language}}'\n" }, { "path": ".github/workflows/db_ops.yml", "content": "name: DB Operations Multi-Repo Pipeline\n\non:\n workflow_dispatch:\n inputs:\n action_type:\n description: 'Action'\n required: true\n default: 'build_test'\n type: choice\n options:\n - build_test\n - promote_to_latest\n operation:\n description: 'Operation'\n required: true\n default: 'dump'\n type: choice\n options:\n - dump\n - restore\n\nenv:\n AWS_REGION: us-east-1\n # Mapping the operation to the specific ECR Repo Name\n DUMP_REPO: crowd-db-dump\n RESTORE_REPO: crowd-db-restore\n\njobs:\n process:\n runs-on: ubuntu-latest\n steps:\n - name: Checkout Code\n uses: actions/checkout@v6\n\n - name: Configure AWS Credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n # LOGIC: Determine Repo Name and Docker Stage Target\n - name: Set Variables\n id: vars\n run: |\n if [[ \"${{ github.event.inputs.operation }}\" == \"dump\" ]]; then\n echo \"REPO_NAME=${{ env.DUMP_REPO }}\" >> $GITHUB_OUTPUT\n echo \"STAGE_TARGET=dump\" >> $GITHUB_OUTPUT\n else\n echo \"REPO_NAME=${{ env.RESTORE_REPO }}\" >> $GITHUB_OUTPUT\n echo \"STAGE_TARGET=restore\" >> $GITHUB_OUTPUT\n fi\n\n # ACTION 1: BUILD AND PUSH 'test'\n - name: Build and Push Test\n if: ${{ github.event.inputs.action_type == 'build_test' }}\n uses: docker/build-push-action@v7\n with:\n # context: defines where the 'COPY' commands look for files\n context: ./db_scripts\n # file: path to the actual Dockerfile relative to repo root\n file: ./db_scripts/Dockerfile\n # target: tells Docker to stop at the 'dump' or 'restore' stage\n target: ${{ steps.vars.outputs.STAGE_TARGET }}\n push: true\n tags: ${{ steps.login-ecr.outputs.registry }}/${{ steps.vars.outputs.REPO_NAME }}:test\n\n # ACTION 2: PROMOTE 'test' to 'latest'\n - name: Promote Test to Latest\n if: ${{ github.event.inputs.action_type == 'promote_to_latest' }}\n run: |\n REPO=${{ steps.vars.outputs.REPO_NAME }}\n\n MANIFEST=$(aws ecr batch-get-image \\\n --repository-name $REPO \\\n --image-ids imageTag=test \\\n --query 'images[0].imageManifest' \\\n --output text)\n\n aws ecr put-image \\\n --repository-name $REPO \\\n --image-tag latest \\\n --image-manifest \"$MANIFEST\"\n" }, { "path": ".github/workflows/dev-main-deploy.yml", "content": "name: 'Deploy to dev'\n\non:\n workflow_dispatch:\n push:\n branches: [main]\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n - cloudformation/tests/**\n - concordia/tests/**\n - exporter/tests/**\n - importer/tests/**\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy to Dev\n runs-on: ubuntu-latest\n environment:\n name: development\n\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n with:\n fetch-depth: 0\n fetch-tags: 'true'\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n # Semantic version range syntax or exact version of a Python version\n python-version: '3.12'\n # Optional - x64 or x86 architecture, defaults to x64\n architecture: 'x64'\n\n - name: Install Python Dependencies and Retrieve Version Number\n id: python-build\n run: |\n python3 -m pip install --upgrade pip\n pip3 install -U setuptools\n pip3 install -U setuptools-scm\n\n FULL_VERSION_NUMBER=\"$(python3 -m setuptools_scm)\"\n echo \"version_number=$(echo \"${FULL_VERSION_NUMBER}\" | cut -d '+' -f 1)\" >> $GITHUB_ENV\n\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Build, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n run: |\n docker build -t concordia .\n docker build -t concordia/importer --file importer/Dockerfile .\n docker build -t concordia/celerybeat --file celerybeat/Dockerfile .\n\n docker tag concordia:latest $REGISTRY/concordia:$version_number\n docker tag concordia:latest $REGISTRY/concordia:$IMAGE_TAG\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$version_number\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$version_number\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$version_number\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$version_number\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$version_number\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n" }, { "path": ".github/workflows/feature-branch-deploy.yml", "content": "name: 'Deploy feature branch to test'\n\non:\n workflow_dispatch:\n push:\n branches: ['feature-*']\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy Feature Branch to Test\n runs-on: ubuntu-latest\n environment:\n name: feature\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n with:\n ref: ${{ vars.FEATURE_BRANCH }}\n fetch-depth: 0\n fetch-tags: 'true'\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n # Semantic version range syntax or exact version of a Python version\n python-version: '3.12'\n # Optional - x64 or x86 architecture, defaults to x64\n architecture: 'x64'\n\n - name: Install Python Dependencies and Retrieve Version Number\n id: python-build\n run: |\n python3 -m pip install --upgrade pip\n pip3 install -U setuptools\n pip3 install -U setuptools-scm\n\n FULL_VERSION_NUMBER=\"$(python3 -m setuptools_scm)\"\n echo \"version_number=$(echo \"${FULL_VERSION_NUMBER}\" | cut -d '+' -f 1)\" >> $GITHUB_ENV\n\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Build, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n run: |\n docker build -t concordia .\n docker build -t concordia/importer --file importer/Dockerfile .\n docker build -t concordia/celerybeat --file celerybeat/Dockerfile .\n\n docker tag concordia:latest $REGISTRY/concordia:$version_number\n docker tag concordia:latest $REGISTRY/concordia:$IMAGE_TAG\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$version_number\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$version_number\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$version_number\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$version_number\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$version_number\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n" }, { "path": ".github/workflows/pip-audit.yml", "content": "name: pip-audit\n\non:\n workflow_dispatch:\n pull_request:\n branches: [main, release]\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n\njobs:\n pip-audit:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v6\n - uses: actions/setup-python@v6\n with:\n python-version: '3.12'\n\n - name: 'Generate requirements.txt'\n run: |\n pipx run pipfile-requirements Pipfile.lock > requirements.txt\n\n - uses: pypa/gh-action-pip-audit@v1.1.0\n with:\n inputs: requirements.txt\n ignore-vulns: |\n PYSEC-2023-312\n" }, { "path": ".github/workflows/prod-deploy.yml", "content": "name: 'Deploy to production'\n\non:\n workflow_dispatch:\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy to Production\n runs-on: ubuntu-latest\n environment:\n name: production\n\n steps:\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Pull, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG_PULL: ${{ secrets.IMAGE_TAG_PULL }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE_A: ${{ secrets.TARGET_SERVICE_A }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n run: |\n docker pull $REGISTRY/concordia:$IMAGE_TAG_PULL\n docker pull $REGISTRY/concordia/importer:$IMAGE_TAG_PULL\n docker pull $REGISTRY/concordia/celerybeat:$IMAGE_TAG_PULL\n\n docker tag $REGISTRY/concordia:$IMAGE_TAG_PULL $REGISTRY/concordia:$IMAGE_TAG\n docker tag $REGISTRY/concordia/importer:$IMAGE_TAG_PULL $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag $REGISTRY/concordia/celerybeat:$IMAGE_TAG_PULL $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE_A\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n" }, { "path": ".github/workflows/renew_coverage.yml", "content": "name: Renew Coverage Cache\n\non:\n schedule:\n - cron: '0 0 */5 * *' # Runs every 5 days at midnight UTC\n workflow_dispatch:\n\n # The renew_coverage.yml action is used to keep the cached release coverage value by\n # accessing it every five days. Normally, cached values are discarded after they're\n # not accessed for seven days. To avoid that, the task simply accessing the value so\n # it's not lost in case we have a seven-day period with no pull requests.\n\njobs:\n renew-cache:\n runs-on: ubuntu-latest\n steps:\n - name: Access Coverage Cache to Renew Expiration\n uses: actions/cache@v5\n with:\n path: coverage.txt\n key: release-coverage\n restore-keys: |\n release-coverage\n" }, { "path": ".github/workflows/stage-hotfix-rel-deploy.yml", "content": "name: 'Deploy hotfix to stage'\n\non:\n workflow_dispatch:\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy Release to Stage\n runs-on: ubuntu-latest\n environment:\n name: stage\n\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n with:\n ref: release\n fetch-depth: 0\n fetch-tags: 'true'\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n # Semantic version range syntax or exact version of a Python version\n python-version: '3.12'\n # Optional - x64 or x86 architecture, defaults to x64\n architecture: 'x64'\n\n - name: Get version from Git\n run: |\n # Get latest version tag number (e.g. release was tagged in GitHub for this hot fix)\n HOTFIX_VERSION_NUMBER=\"$(git describe --tags)\"\n echo \"version_number=$(echo \"${HOTFIX_VERSION_NUMBER}\" | cut -d '-' -f 1 | cut -c 2- )\" >> $GITHUB_ENV\n\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Build, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n run: |\n echo \"version number: $version_number\"\n\n docker build -t concordia .\n docker build -t concordia/importer --file importer/Dockerfile .\n docker build -t concordia/celerybeat --file celerybeat/Dockerfile .\n\n docker tag concordia:latest $REGISTRY/concordia:$version_number\n docker tag concordia:latest $REGISTRY/concordia:$IMAGE_TAG\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$version_number\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$version_number\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$version_number\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$version_number\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$version_number\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n" }, { "path": ".github/workflows/stage-image-refresh.yml", "content": "name: 'Deploy image refresh to stage'\n\non:\n workflow_dispatch:\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy Container Environment Update\n runs-on: ubuntu-latest\n environment:\n name: stage\n\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n with:\n ref: release\n fetch-depth: 0\n fetch-tags: 'true'\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n # Semantic version range syntax or exact version of a Python version\n python-version: '3.12'\n # Optional - x64 or x86 architecture, defaults to x64\n architecture: 'x64'\n\n - name: Create image tags\n run: |\n # Get latest version tag number (e.g. main was tagged in GitHub for this Release)\n FULL_VERSION_NUMBER=\"$(git describe --tags `git rev-list --tags --max-count=1`)\"\n echo \"version_number=$(echo \"${FULL_VERSION_NUMBER}\" | cut -c2- )\" >> $GITHUB_ENV\n\n # Create image tag for image being being replaced/refreshed/updated\n echo \"tag_stale_image=$(echo \"${FULL_VERSION_NUMBER}\" | cut -c2- )_$(date +%Y%m%dT%H%M%S)\" >> $GITHUB_ENV\n\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Build, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n run: |\n docker build -t concordia .\n docker build -t concordia/importer --file importer/Dockerfile .\n docker build -t concordia/celerybeat --file celerybeat/Dockerfile .\n\n docker tag concordia:latest $REGISTRY/concordia:$version_number\n docker tag concordia:latest $REGISTRY/concordia:$IMAGE_TAG\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$version_number\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$version_number\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$version_number\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$version_number\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$version_number\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n\n - name: Tag existing images\n env:\n IT_TAG: ${{ secrets.IT_IMAGE_TAG }}\n run: |\n\n # Add a new tag to existing concordia images to preserve the history of images after final deployment\n # Tag concordia\n APP_MANIFEST=\"$(aws ecr batch-get-image --repository-name concordia --image-ids imageTag=${IT_TAG} --output json | jq --raw-output --join-output '.images[0].imageManifest')\"\n aws ecr put-image --repository-name concordia --image-tag $tag_stale_image --image-manifest \"$APP_MANIFEST\"\n\n # Tag concordia/celerybeat\n BEAT_MANIFEST=\"$(aws ecr batch-get-image --repository-name concordia/celerybeat --image-ids imageTag=${IT_TAG} --output json | jq --raw-output --join-output '.images[0].imageManifest')\"\n aws ecr put-image --repository-name concordia/celerybeat --image-tag $tag_stale_image --image-manifest \"$BEAT_MANIFEST\"\n\n # Tag concordia/importer\n IMPORT_MANIFEST=\"$(aws ecr batch-get-image --repository-name concordia/importer --image-ids imageTag=${IT_TAG} --output json | jq --raw-output --join-output '.images[0].imageManifest')\"\n aws ecr put-image --repository-name concordia/importer --image-tag $tag_stale_image --image-manifest \"$IMPORT_MANIFEST\"\n" }, { "path": ".github/workflows/stage-release-deploy.yml", "content": "name: 'Deploy release to stage'\n\non:\n workflow_dispatch:\n push:\n branches: [release]\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n - cloudformation/tests/**\n - concordia/tests/**\n - exporter/tests/**\n - importer/tests/**\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy Release to Stage\n runs-on: ubuntu-latest\n environment:\n name: stage\n\n steps:\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n with:\n ref: release\n fetch-depth: 0\n fetch-tags: 'true'\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n # Semantic version range syntax or exact version of a Python version\n python-version: '3.12'\n # Optional - x64 or x86 architecture, defaults to x64\n architecture: 'x64'\n\n - name: Get version from Git\n run: |\n # Get latest version tag number (e.g. main was tagged in GitHub for this Release)\n FULL_VERSION_NUMBER=\"$(git describe --tags `git rev-list --tags --max-count=1`)\"\n echo \"version_number=$(echo \"${FULL_VERSION_NUMBER}\" | cut -c2- )\" >> $GITHUB_ENV\n\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Build, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n run: |\n docker build -t concordia .\n docker build -t concordia/importer --file importer/Dockerfile .\n docker build -t concordia/celerybeat --file celerybeat/Dockerfile .\n\n docker tag concordia:latest $REGISTRY/concordia:$version_number\n docker tag concordia:latest $REGISTRY/concordia:$IMAGE_TAG\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$version_number\n docker tag concordia/importer:latest $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$version_number\n docker tag concordia/celerybeat:latest $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$version_number\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$version_number\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$version_number\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n" }, { "path": ".github/workflows/test-main-deploy.yml", "content": "name: 'Deploy to test'\n\non:\n workflow_dispatch:\n\nenv:\n AWS_REGION: us-east-1\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n deploy:\n name: Deploy to Test\n runs-on: ubuntu-latest\n environment:\n name: test\n\n steps:\n - name: configure aws credentials\n uses: aws-actions/configure-aws-credentials@v6\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ env.AWS_REGION }}\n role-session-name: github_to_aws_deploy\n\n - name: Login to Amazon ECR\n id: login-ecr\n uses: aws-actions/amazon-ecr-login@v2\n\n - name: Pull, tag and push docker images ECR\n env:\n REGISTRY: ${{ steps.login-ecr.outputs.registry }}\n IMAGE_TAG_PULL: ${{ secrets.IMAGE_TAG_PULL }}\n IMAGE_TAG: ${{ secrets.IMAGE_TAG }}\n CLUSTER: ${{ secrets.CLUSTER }}\n TARGET_SERVICE: ${{ secrets.TARGET_SERVICE }}\n TARGET_SERVICE_B: ${{ secrets.TARGET_SERVICE_B }}\n run: |\n docker pull $REGISTRY/concordia:$IMAGE_TAG_PULL\n docker pull $REGISTRY/concordia/importer:$IMAGE_TAG_PULL\n docker pull $REGISTRY/concordia/celerybeat:$IMAGE_TAG_PULL\n\n docker tag $REGISTRY/concordia:$IMAGE_TAG_PULL $REGISTRY/concordia:$IMAGE_TAG\n docker tag $REGISTRY/concordia/importer:$IMAGE_TAG_PULL $REGISTRY/concordia/importer:$IMAGE_TAG\n docker tag $REGISTRY/concordia/celerybeat:$IMAGE_TAG_PULL $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n docker push $REGISTRY/concordia:$IMAGE_TAG\n docker push $REGISTRY/concordia/importer:$IMAGE_TAG\n docker push $REGISTRY/concordia/celerybeat:$IMAGE_TAG\n\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE\n aws ecs update-service --region ${{ env.AWS_REGION }} --force-new-deployment --cluster $CLUSTER --service $TARGET_SERVICE_B\n" }, { "path": ".github/workflows/test.yml", "content": "name: Test\n\non:\n workflow_dispatch:\n pull_request:\n branches: [main, 'feature-*', release]\n paths-ignore:\n - docs/**\n - README.md\n - .github/**\n - cloudformation/**\n - db_scripts/**\n - jenkins/**\n - search-proxy/**\n - postgresql/**\n\nenv:\n PIPENV_IGNORE_VIRTUALENVS: 1\n DJANGO_SETTINGS_MODULE: concordia.settings_test\n\njobs:\n test:\n runs-on: ubuntu-latest\n\n services:\n # Label used to access the service container\n postgres:\n # Docker Hub image\n image: postgres\n # Provide the password for postgres\n env:\n POSTGRES_DB: concordia\n POSTGRES_PASSWORD: postgres\n # Set health checks to wait until postgres has started\n options: >-\n --health-cmd pg_isready\n --health-interval 10s\n --health-timeout 5s\n --health-retries 5\n ports:\n # Maps tcp port 5432 on service container to the host\n - 5432:5432\n\n steps:\n - name: Remove Firefox\n run: sudo apt-get purge firefox\n\n - name: Install system packages\n run: |\n sudo apt-get update -qy && sudo apt-get dist-upgrade -qy && sudo apt-get install -qy \\\n libmemcached-dev libz-dev libfreetype6-dev libtiff-dev \\\n libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev libpq-dev \\\n tesseract-ocr tesseract-ocr-all\n\n - name: Install node and npm\n uses: actions/setup-node@v6\n with:\n node-version: '20'\n\n - name: Checkout repository\n uses: actions/checkout@v6\n\n - name: Set up Python 3.12\n uses: actions/setup-python@v6\n with:\n python-version: '3.12'\n architecture: 'x64'\n cache: 'pipenv'\n\n - name: Display Python version\n run: python -c \"import sys; print(sys.version)\"\n\n - name: Install Python Dependencies\n run: |\n python3 -m pip install --upgrade pip\n pip3 install -U packaging\n pip3 install -U setuptools\n pip3 install -U pipenv\n pipenv install --dev --deploy\n pipenv install tblib # For parallel test debugging\n\n - name: Install Node Dependencies #and Add .bin to Path\n run:\n npm install\n # echo \"PATH=$PWD/node_modules/.bin:$PATH\" >> $GITHUB_ENV\n\n - name: Configure Logs\n run: |\n mkdir logs\n touch ./logs/concordia-celery.log\n\n - name: Bundle, Build (Vite) and Collect Static Files\n run: |\n npm run build\n pipenv run ./manage.py collectstatic --no-input --no-post-process\n\n # - name: Install Chrome for Testing and Set Path\n # run: |\n # chromepath=$(npx @puppeteer/browsers install chrome@latest)\n # chromepath=${chromepath#* }\n # echo \"Chrome installed at: $chromepath\"\n # $chromepath --version\n # chromepath=${chromepath%/chrome} # Remove the binary so we can add it to the PATH\n # # Update PATH for subsequent steps\n # echo \"PATH=$chromepath:$PATH\" >> $GITHUB_ENV\n\n - name: Run Tests with Coverage\n run: |\n mkdir -p coverage_report\n pipenv run coverage run --parallel-mode ./manage.py test --parallel auto\n pipenv run coverage combine # Merge results from parallel test workers\n # Save full report to coverage_report/coverage.txt and just the total coverage percent to pr_coverage.txt\n pipenv run coverage report | tee coverage_report/coverage.txt | grep 'TOTAL' | awk '{print $6}' > pr_coverage.txt\n echo \"Stored PR coverage:\"\n cat pr_coverage.txt # Debugging output to verify correct storage\n pipenv run coverage html\n mv htmlcov coverage_report/html # Move HTML report into a separate directory\n env:\n PGPASSWORD: postgres\n # The hostname used to communicate with the PostgreSQL service container\n POSTGRES_HOST: localhost\n # The default PostgreSQL port\n POSTGRES_PORT: 5432\n # COMMIT_RANGE: ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}\n\n # Store coverage results if running on the release branch\n - name: Store Release Coverage (if running on release branch)\n if: github.ref == 'refs/heads/release'\n run: cp pr_coverage.txt coverage.txt\n\n # Cache coverage results if running on the release branch\n - name: Cache Release Coverage (if running on release branch)\n if: github.ref == 'refs/heads/release'\n uses: actions/cache@v5\n with:\n path: coverage.txt\n key: release-coverage\n\n # Upload full coverage report as an artifact\n - name: Upload Full Coverage Report\n uses: actions/upload-artifact@v7\n with:\n name: coverage-report\n path: coverage_report\n\n # Download the stored release branch coverage for PR comparison, if it exists\n - name: Restore Release Coverage (if running on PR)\n if: github.event_name == 'pull_request'\n uses: actions/cache@v5\n with:\n path: coverage.txt\n key: release-coverage\n restore-keys: |\n release-coverage\n\n # Compare PR coverage against stored release coverage\n - name: Compare Coverage (if running on PR)\n if: github.event_name == 'pull_request'\n run: |\n echo \"Reading PR coverage from pr_coverage.txt...\"\n cat pr_coverage.txt || echo \"⚠️ ERROR: pr_coverage.txt not found or empty\"\n PR_COVERAGE=$(cat pr_coverage.txt)\n if [ -z \"$PR_COVERAGE\" ]; then\n echo \"⚠️ ERROR: PR_COVERAGE is empty!\"\n PR_COVERAGE=\"N/A\"\n fi\n\n echo \"PR Coverage: $PR_COVERAGE\"\n if [ -f \"coverage.txt\" ]; then\n RELEASE_COVERAGE=$(cat coverage.txt)\n COMPARISON_AVAILABLE=true\n else\n COMPARISON_AVAILABLE=false\n RELEASE_COVERAGE=\"N/A\"\n fi\n\n if [ \"$COMPARISON_AVAILABLE\" = true ]; then\n # Strip '%' from PR_COVERAGE and RELEASE_COVERAGE for numerical comparison\n PR_COVERAGE_NUM=${PR_COVERAGE%\\%}\n RELEASE_COVERAGE_NUM=${RELEASE_COVERAGE%\\%}\n if (( $(echo \"$PR_COVERAGE_NUM > $RELEASE_COVERAGE_NUM\" | bc -l) )); then\n CHANGE=\"πŸ”Ό Coverage increased (+$(echo \"$PR_COVERAGE_NUM - $RELEASE_COVERAGE_NUM\" | bc -l)%)!\"\n elif (( $(echo \"$PR_COVERAGE_NUM < $RELEASE_COVERAGE_NUM\" | bc -l) )); then\n CHANGE=\"πŸ”½ Coverage decreased (-$(echo \"$RELEASE_COVERAGE_NUM - $PR_COVERAGE_NUM\" | bc -l)%)!\"\n else\n CHANGE=\"βœ… Coverage remained the same.\"\n fi\n else\n CHANGE=\"⚠️ No baseline coverage available from 'release' branch.\"\n fi\n\n echo \"COVERAGE_CHANGE=$CHANGE\" >> $GITHUB_ENV\n printf \"RELEASE_COVERAGE=%s\\n\" \"$RELEASE_COVERAGE\" >> $GITHUB_ENV\n printf \"PR_COVERAGE=%s\\n\" \"$PR_COVERAGE\" >> $GITHUB_ENV\n\n # Generate and store command for display on the Action UI and PR (if any)\n - name: Generate Coverage Report Comment\n run: |\n echo \"**πŸ›‘ Test Coverage Report πŸ›‘**\" > coverage_comment.txt\n echo \"- **Current PR Coverage:** ${{ env.PR_COVERAGE }}\" >> coverage_comment.txt\n echo \"- **Release Branch Coverage:** ${{ env.RELEASE_COVERAGE }}\" >> coverage_comment.txt\n echo \"- **${{ env.COVERAGE_CHANGE }}**\" >> coverage_comment.txt\n echo \"- πŸ“Š **[Download Full Coverage Report (Under \"Artifacts\")](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}#artifacts)**\" >> coverage_comment.txt\n echo \"\" >> coverage_comment.txt\n echo \"
\" >> coverage_comment.txt\n echo \"πŸ“œ Click to view full text coverage report\" >> coverage_comment.txt\n echo \"\" >> coverage_comment.txt\n echo '```text' >> coverage_comment.txt\n cat coverage_report/coverage.txt >> coverage_comment.txt\n echo '```' >> coverage_comment.txt\n echo \"
\" >> coverage_comment.txt\n\n # Display the coverage summary in the GitHub Actions UI\n - name: Post Coverage Summary\n run: cat coverage_comment.txt >> $GITHUB_STEP_SUMMARY\n\n # Post a comment on the PR with the coverage results\n - name: Comment Coverage Change on PR\n if: github.event_name == 'pull_request'\n uses: mshick/add-pr-comment@v3\n with:\n message-path: coverage_comment.txt\n" }, { "path": ".gitignore", "content": "node_modules/\nbin/\ntarget/\nlocal/\nbuild/\n.project\n.classpath\n.settings/\n*.pyc\nbuildstatus.log\ndeploystatus.log\n.metadata/\nartifacts/\n/.*\n!.gitignore\n!.cfnlintrc.yaml\n!.github\n!.dockerignore\n.DS_Store\ndocs/build\nenv.ini\n.venv\n*.sqlite3\n*.egg-info/\n/temp/\n/emails/\n/logs/*\nenv-dev.ini\ndocs/_build\ndocs/modules\ndist/\nprofile_pics/\nmss*\n*.swp\nconfig-optional-override.json\nenv/\nconcordia/settings_dev_*.py\nconcordia/settings_test_*.py\nconcordia/settings_loadtest_*.py\nversion.txt\nstatic-files\n" }, { "path": "Dockerfile", "content": "# Base runtime: Debian 12 (bookworm) slim + Python 3.12.\nFROM python:3.12-slim-bookworm\n\n# Major Node.js version to install (e.g., 20, 22). This is used to select the\n# NodeSource APT repository \"node_.x\".\nARG NODE_MAJOR=20\n\n# Include a small \"wait for dependencies\" helper used by the container command.\n# This is downloaded at build time and placed at /wait.\n## Add the wait script to the image\nADD https://github.com/ufoscout/docker-compose-wait/releases/download/2.2.1/wait /wait\nRUN chmod +x /wait\n\n# Prevent interactive prompts during apt operations.\nENV DEBIAN_FRONTEND=\"noninteractive\"\n\n# Bootstrap minimal tooling needed later in the build:\n# - curl: download files/keys\n# - ca-certificates: validate HTTPS endpoints\n# - gnupg: import and dearmor APT repository signing keys\nRUN apt-get update -qy && apt-get install -qy curl ca-certificates gnupg\n\n# Trust the Library's certificate authority so the HTTPS tampering proxy does\n# not break TLS validation for clients inside the container.\n#\n# This downloads the CA certificate, converts it to PEM, and refreshes the\n# OpenSSL certificate hashes so it is recognized by OpenSSL-based clients.\n# Ensure that the Library's certificate authority is trusted so the tampering\n# proxy will not break TLS validation. See\n# https://staff.loc.gov/wikis/display/SE/Configuring+HTTPS+clients+for+the+HTTPS+tampering+proxy.\nRUN curl -fso /etc/ssl/certs/LOC-ROOT-CA-1.crt http://crl.loc.gov/LOC-ROOT-CA-1.crt && openssl x509 -inform der -in /etc/ssl/certs/LOC-ROOT-CA-1.crt -outform pem -out /etc/ssl/certs/LOC-ROOT-CA-1.pem && c_rehash\n\n# Install Node.js via the NodeSource APT repository (manual setup; no setup\n# script). Debian bookworm ships Node 18; adding this repo allows installing a\n# newer major version (e.g., Node 20) via apt.\n#\n# This step:\n# - creates a dedicated keyring directory under /etc/apt/keyrings\n# - downloads and installs the NodeSource signing key into a keyring file\n# - registers the NodeSource repository for the selected Node.js major line\n#\n# Note: When installing Node.js from NodeSource, the `nodejs` package includes\n# npm (and npm comes with node-gyp), so there is no separate `npm` or\n# `node-gyp` APT package to install here.\n#\n# References: NodeSource \"Repository Manual Installation\" guide. https://github.com/nodesource/distributions/wiki/Repository-Manual-Installation\nRUN \\\n # Create a dedicated directory for third-party APT keyrings.\n mkdir -p /etc/apt/keyrings && \\\n # Download the NodeSource repository signing key and store it as a keyring\n # file that apt can use to verify NodeSource packages.\n curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \\\n | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \\\n # Register the NodeSource repository for the selected Node.js major version.\n # The \"signed-by=\" option scopes trust to just this repository entry.\n echo \"deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_${NODE_MAJOR}.x nodistro main\" \\\n > /etc/apt/sources.list.d/nodesource.list\n\n# Bring the base OS packages fully up to date, then install system dependencies\n# needed to build and run the application.\n#\n# Notes:\n# - dist-upgrade pulls in security and point-release updates for the base image.\n# - --force-confnew ensures updated config files are accepted when prompted.\n# - autoremove/autoclean reduce image size after installing packages.\nRUN apt-get update -qy && apt-get dist-upgrade -qy && apt-get install -o Dpkg::Options::='--force-confnew' -qy \\\n build-essential \\\n git \\\n libmemcached-dev \\\n # Pillow/Imaging: https://pillow.readthedocs.io/en/latest/installation.html#external-libraries\n libz-dev libfreetype6-dev \\\n libtiff-dev libjpeg-dev libopenjp2-7-dev libwebp-dev zlib1g-dev \\\n # Postgres client library to build psycopg\n libpq-dev \\\n locales \\\n # Weasyprint requirements\n libpango-1.0-0 libharfbuzz0b libpangoft2-1.0-0 \\\n # Tesseract\n tesseract-ocr tesseract-ocr-all \\\n # Node.js runtime (from NodeSource) and build tooling for native addons.\n nodejs && apt-get -qy autoremove && apt-get -qy autoclean\n\n# Generate and configure a UTF-8 locale for consistent string handling.\nRUN locale-gen en_US.UTF-8\nENV LC_ALL=en_US.UTF-8\nENV LANG=en_US.UTF-8\nENV LANGUAGE=en_US.UTF-8\n\n# Python runtime settings:\n# - unbuffered output for log visibility in containers\n# - add /app to PYTHONPATH for module resolution\nENV PYTHONUNBUFFERED=1 \\\n PYTHONPATH=/app\n\n# Default Django settings module for container runtime (can be overridden).\nENV DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-concordia.settings_docker}\n\n# Ensure an up-to-date pip and install pipenv for dependency management.\nRUN pip install --upgrade pip\nRUN pip install --no-cache-dir pipenv\n\n# Copy application code into the image.\nWORKDIR /app\nCOPY . /app\n\n# Front-end build and asset pipeline:\n# - update npm to a known major version\n# - Install all JS dependencies (including devDependencies for plugins)\nRUN npm install --silent --global npm@10 && npm install --silent\n\n# Additional JS build step for Vite.\n# - Build assets (Vite) complile scss, bundle, hash and compress js\n# - This populates concordia/static/dist with hashed and compressed files.\nRUN npm run build\n\n# Create Log Directory\n# - Required for Django logging initialization when running collecstatic.\nRUN mkdir -p /app/logs\n\n# Install Python dependencies into the system environment using Pipenv and\n# - Bake static files into the image (Fast, no post-processing)\n# - remove Pipenv cache to reduce image size.\nRUN pipenv install --system --dev --deploy && \\\n python manage.py collectstatic --no-input --no-post-process && \\\n rm -rf ~/.cache/\n\n# - Clean up node artifacts to reduce image size\nRUN rm -rf node_modules && rm -rf ~/.cache/\n\n# Container listens on port 80.\nEXPOSE 80\n\n# Wait for dependencies (via /wait) and then run the application entrypoint.\nCMD /wait && /bin/bash entrypoint.sh\n" }, { "path": "LICENSE.md", "content": "As a work of the United States Government, this project is in the\npublic domain within the United States.\n\nAdditionally, we waive copyright and related rights in the work\nworldwide through the CC0 1.0 Universal public domain dedication.\n\n## CC0 1.0 Universal Summary\n\nThis is a human-readable summary of the\n[Legal Code (read the full text)](https://creativecommons.org/publicdomain/zero/1.0/legalcode).\n\n### No Copyright\n\nThe person who associated a work with this deed has dedicated the work to\nthe public domain by waiving all of his or her rights to the work worldwide\nunder copyright law, including all related and neighboring rights, to the\nextent allowed by law.\n\nYou can copy, modify, distribute and perform the work, even for commercial\npurposes, all without asking permission.\n\n### Other Information\n\nIn no way are the patent or trademark rights of any person affected by CC0,\nnor are the rights that other persons may have in the work or in how the\nwork is used, such as publicity or privacy rights.\n\nUnless expressly stated otherwise, the person who associated a work with\nthis deed makes no warranties about the work, and disclaims liability for\nall uses of the work, to the fullest extent permitted by applicable law.\nWhen using or citing the work, you should not imply endorsement by the\nauthor or the affirmer.\n" }, { "path": "Loadtesting.md", "content": "# Load Testing Mode\n\nThis document describes the current (incomplete but runnable) \"load testing mode\"\nimplementation and how to run it end-to-end manually.\n\nLoad testing mode consists of:\n\n- A fixture generator that builds a single JSON fixture from an existing DB\n- A DB preparation command that creates a fresh load test DB, migrates it, and\n loads the fixture while suppressing all Django signals\n- A load test settings file that points the app at the load test DB and disables\n Turnstile blocking\n- A Locust script (`locustfile.py`) plus a wrapper shell script (`load_test.sh`)\n to run a headless load test\n\nThe intended lifecycle is:\n\n1. Generate a fixture from a DB with real-ish data\n2. Create and populate a fresh `concordia_lt` database from that fixture\n3. Run the web app against `concordia_lt` using load test settings\n4. Run Locust against that host\n\nThe load test database is intended to be single-use.\n\n## Files\n\n- `concordia/management/commands/create_load_test_fixtures.py`\n- `concordia/management/commands/prepare_load_test_db.py`\n- `concordia/settings_loadtest.py` (or your own `concordia/settings_loadtest_.py`)\n- `locustfile.py` (repo root)\n- `load_test.sh` (repo root)\n\n## Safety notes\n\n- `create_load_test_fixtures` is read-only against the source DB and only\n writes a JSON file. It is safe to run against production, though it is\n normally run against a refreshed copy of production.\n- `prepare_load_test_db` creates and optionally drops a separate database\n (`concordia_lt`), runs migrations, and loads fixtures into it.\n - It requires PostgreSQL credentials with `CREATE DATABASE` privileges.\n - If recreating or dropping, it terminates active connections to the target DB.\n- During fixture load, all Django signals are suppressed to avoid side effects\n (Celery tasks, storage writes, cache updates, derived fields, etc).\n- Storage in load test mode is configured to use dev/staging buckets for safety.\n The workflow is designed to avoid writes to external systems.\n- Locust defaults to a non-production host to reduce risk.\n\n## Prerequisites\n\n- VPN access to the target environment\n- PostgreSQL credentials available via environment variables\n - The DB user must be able to connect to `dbname=postgres` and create databases\n- Python environment with the normal dev dependencies installed (Locust is a dev\n dependency)\n- Ability to restart the web app with a different settings module\n- A reachable host running the app in load test mode\n\n## Fixture contents\n\nThe fixture generated by `create_load_test_fixtures` contains:\n\n- Up to 2 published Topics, chosen by ascending `ordering`\n- Up to 5 published Campaigns, preferring Topic-linked Campaigns and filling with\n additional published Campaigns by ascending `ordering`\n- Up to `--assets-limit` Assets (default 10,000), collected by walking:\n - Topic-linked Projects first, then\n - Campaign-linked Projects if needed\n- Closure of referenced Items, Projects, Campaigns and Topics for the chosen Assets\n- All Transcriptions for selected Assets\n- Anonymized fixtures for any Users referenced by those Transcriptions\n (`user` and `reviewed_by`)\n- A synthetic pool of test users:\n - Default: 10,000 users named `locusttest00001`..`locusttest10000`\n - All share the same password: `locustpass123`\n - Email: `@example.test`\n - Users are created with explicit PKs beyond the existing fixture user PKs to\n avoid collisions\n- ProjectTopic rows for selected Topic+Project links (preserves the M2M)\n\nNotes:\n\n- Selection is best-effort. If there are fewer than `--assets-limit` Assets, the\n fixture is still written.\n- The output is a single JSON file (default `loadtest_fixture.json`).\n- By default, the command validates the fixture by calling `prepare_load_test_db`\n unless `--no-validate` is provided.\n\n## Commands\n\n### 1) Create the fixture\n\nRun against a DB with real data (usually a refreshed prod copy):\n\n```bash\npython manage.py create_load_test_fixtures\n```\n\nCommon options:\n\n```bash\npython manage.py create_load_test_fixtures \\\n --assets-limit 10000 \\\n --test-users 10000 \\\n --test-user-prefix locusttest \\\n --test-user-password locustpass123 \\\n --output loadtest_fixture.json\n```\n\nValidation options:\n\n- `--no-validate` to skip validation\n- `--validate-db-name NAME` to override the validation DB name\n- `--validate-recreate` to recreate the validation DB if it exists\n- `--validate-drop` to drop the validation DB after loading\n\n### 2) Create and populate the load test DB\n\nStandard DB name: `concordia_lt`\n\n```bash\npython manage.py prepare_load_test_db \\\n --db-name concordia_lt \\\n --recreate \\\n --fixtures loadtest_fixture.json\n```\n\nBehavior:\n\n- Creates or recreates `concordia_lt`\n- Runs migrations\n- Loads fixtures with all signals suppressed by default\n\n## Running the app in load test mode\n\n### Settings file\n\n`concordia/settings_loadtest.py` is an override layer on top of\n`settings_template.py`. It:\n\n- Points the DB at `concordia_lt`\n- Disables rate limiting\n- Forces Turnstile to always-pass test keys by default\n- Uses console email backend\n- Uses dev buckets for safety\n- Adjusts logging to be visible in common run contexts\n\nIf you need a different DB name, do not edit `settings_loadtest.py` directly.\nCreate a personal settings file, following the local dev convention:\n\n- `concordia/settings_loadtest_.py`\n- Override `DATABASES[\"default\"][\"NAME\"]` (and any other local overrides)\n\n### Selecting settings at runtime\n\nLocal example:\n\n```bash\nDJANGO_SETTINGS_MODULE=concordia.settings_loadtest \\\n python manage.py runserver 0.0.0.0:8000\n```\n\nServer/container example:\n\n- Set `DJANGO_SETTINGS_MODULE=concordia.settings_loadtest`\n- Restart/redeploy the web process so it actually uses the load test settings\n\nImportant:\n\n- Creating `concordia_lt` does not affect any running web process.\n You must restart the app with the load test settings selected.\n\n## Locust\n\n### Overview\n\nThe load test simulates three flows:\n\n- Anonymous browsing/transcription page interactions\n- Authenticated users who transcribe\n- Authenticated users who review\n\nThe script uses these endpoints:\n\n- `/` (homepage)\n- `/next-transcribable-asset/` (redirect to next asset)\n- `/next-reviewable-asset/` (redirect to next reviewable asset)\n- `/account/login/` (login)\n- `/account/ajax-status/` and `/account/ajax-messages/` (simulates normal page load)\n\nThe script parses asset pages to find:\n\n- The transcription form action (`
`)\n- Reservation endpoint (`\n \n {{ block.super }}\n {% vite_asset 'src/profile.js' %}\n{% endblock body_scripts %}\n" }, { "path": "concordia/templates/admin/auth/user/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls humanize %}\n\n{% block object-tools-items %}\n {% if original.pk %}\n
  • \n \n Transcriptions\n \n
    • \n
  • \n \n Reviews\n \n
    • \n {% endif %}\n {{ block.super }}\n{% endblock object-tools-items %}\n" }, { "path": "concordia/templates/admin/base_site.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block title %}{{ title }} | {{ site_title|default:_('Django site admin') }}{% endblock %}\n\n{% block branding %}\n

    {{ site_header|default:_('Django administration') }}

    \n{% endblock %}\n\n{% block nav-global %}{% endblock %}\n\n{% block extrahead %}\n \n{% endblock %}\n\n{% block messages %}\n {% if messages %}\n
      \n {% for message in messages %}\n {# Remove mark-safe from tags since that's for controlling template behavior #}\n {% with message.tags|reject:\"mark-safe\"|join:\" \" as cleaned_tags %}\n
    • {% endif %}\n {% if \"marked-safe\" in message.tags %}\n {{ message|safe|capfirst }}\n {% else %}\n {{ message|capfirst }}\n {% endif %}\n
      • \n {% endwith %}\n {% endfor %}\n
    \n {% endif %}\n{% endblock messages %}\n" }, { "path": "concordia/templates/admin/bulk_change.html", "content": "{% extends \"admin/base_site.html\" %}\n\n{% block messages %}\n {% comment %} This is displayed elswhere {% endcomment %}\n{% endblock messages %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n
    \n
      \n
    1. The spreadsheet should be in xlsx (not xls or csv) format.
      2. \n
    2. The spreadsheet should have a header row. One of the columns headers should be \"asset__slug\", and another should be \"New Status\".
      3. \n
    3. If the \"user\" column is set, that value will be used as the submitting user. Otherwise, the anonymouse user will be used.
      4. \n
    \n \n {% csrf_token %}\n {{ form.as_table }}\n
    \n \n
    \n \n
    \n\n {% if messages %}\n

    Messages

    \n
      \n {% for message in messages %}\n
    • = DEFAULT_MESSAGE_LEVELS.ERROR %}message-error{% elif message.level >= DEFAULT_MESSAGE_LEVELS.WARNING %}message-warning{% endif %}\">{{ message }}
      • \n {% endfor %}\n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/bulk_import.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block messages %}\n {% comment %} This is displayed elswhere {% endcomment %}\n{% endblock messages %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n {% if import_jobs %}\n

    Import Tasks

    \n
      \n {% for import_job in import_jobs %}\n
    • \n {{ import_job }}\n
      • \n {% endfor %}\n
    \n {% else %}\n

    \n The spreadsheet must follow this convention:\n

      \n
    1. A header row must include the columns Campaign, Campaign Short Description, Campaign Long Description, Campaign Slug, Project Slug, Project, Project Description, and Import URLs
      2. \n
    2. The header names are case sensitive but may occur in any order and other columns will be ignored
      3. \n
    3. Project titles (in the Project column) must be 80 characters or less.
      4. \n
    4. The Campaign, Project, and Import URLs columns must have values or the row will be skipped
      5. \n
    5. \n The Import URLs column may contain one or more URLs\n separated by spaces or newlines. Do not include commas or\n semicolons as those are valid URL characters and will be\n treated as part of the URL.\n
      6. \n
    6. \n Campaigns and Projects will be created if they do not\n exist but existing records will not be modified. If you\n want to recreate them, delete the old records before\n running the importer.\n
      7. \n
    7. \n Items will be added to projects but items which have\n already been imported into that project will be skipped.\n (Unless the redownload option is checked below.)\n This means that you can add multiple items to a project\n both by having the β€œImport URLs” cell contain multiple\n URLs or by duplicating the row with new ”Import URLs”\n values.\n
      8. \n
    \n

    \n\n
    \n
    \n {% csrf_token %}\n {{ form.as_p }}\n
    \n \n
    \n
    \n
    \n {% endif %}\n\n\n {% if messages %}\n

    Messages

    \n
      \n {% for message in messages %}\n
    • = DEFAULT_MESSAGE_LEVELS.ERROR %}message-error{% elif message.level >= DEFAULT_MESSAGE_LEVELS.WARNING %}message-warning{% endif %}\">{{ message }}
      • \n {% endfor %}\n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/bulk_review.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block messages %}\n {% comment %} This is displayed elswhere {% endcomment %}\n{% endblock messages %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n {% if import_jobs %}\n

    Import Tasks

    \n
      \n {% for import_job in import_jobs %}\n
    • \n {{ import_job }}\n
      • \n {% endfor %}\n
    \n {% else %}\n

    \n The spreadsheet must follow this convention:\n

      \n
    1. A header row must include the columns Campaign, Campaign Short Description, Campaign Long Description, Campaign Slug, Project Slug, Project, Project Description, and Import URLs
      2. \n
    2. The header names are case sensitive but may occur in any order and other columns will be ignored
      3. \n
    3. Project titles (in the Project column) must be 80 characters or less.
      4. \n
    4. The Campaign, Project, and Import URLs columns must have values or the row will be skipped
      5. \n
    5. \n The Import URLs column may contain one or more URLs\n separated by spaces or newlines. Do not include commas or\n semicolons as those are valid URL characters and will be\n treated as part of the URL.\n
      6. \n
    6. \n Campaigns and Projects will be created if they do not\n exist but existing records will not be modified. If you\n want to recreate them, delete the old records before\n running the importer.\n
      7. \n
    7. \n Items will be added to projects but items which have\n already been imported into that project will be skipped.\n This means that you can add multiple items to a project\n both by having the β€œImport URLs” cell contain multiple\n URLs or by duplicating the row with new ”Import URLs”\n values.\n
      8. \n
    \n

    \n\n
    \n
    \n {% csrf_token %}\n {{ form.as_p }}\n
    \n \n
    \n
    \n
    \n {% endif %}\n\n\n {% if messages %}\n

    Messages

    \n
      \n {% for message in messages %}\n
    • = DEFAULT_MESSAGE_LEVELS.ERROR %}message-error{% elif message.level >= DEFAULT_MESSAGE_LEVELS.WARNING %}message-warning{% endif %}\">{{ message }}
      • \n {% endfor %}\n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/celery_task.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block messages %}\n {% comment %} This is displayed elswhere {% endcomment %}\n{% endblock messages %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n {% if campaigns %}\n

    Importer Progress

    \n
      \n \n \n \n \n \n \n \n {% for campaign in campaigns %}\n \n \n \n \n {% endfor %}\n
      Campaign Title
      {{ campaign.title }}Check Progress
      \n
    \n\n {% else %}\n\n {% if projects %}\n All Campaigns\n

    Projects

    \n
      \n \n \n \n \n \n \n \n \n \n \n \n {% for project in projects %}\n \n \n \n \n \n \n \n {% endfor %}\n
      Project TitleSuccessfulStarted-IncompleteStarted-FailedUnstarted
      {{ project.title }}{{ project.successful }}\n {{ project.incomplete }}\n {{ project.failure }}\n {{ project.unstarted }}
      \n
    \n\n Total Assets: {{ totalassets }}\n\n {% endif %}\n {% endif %}\n {% if messages %}\n

    Messages

    \n
      \n {% for message in messages %}\n = DEFAULT_MESSAGE_LEVELS.ERROR %}message-error{% elif message.level >= DEFAULT_MESSAGE_LEVELS.WARNING %}message-warning{% endif %}\">\n {{ message }}\n {% endfor %}\n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/clear_cache.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n

    \n Don't do this if you don't know what you're doing.\n

    \n

    \n Don't do this if you don't know what you're doing.\n \n

    \n
    \n
    \n {% csrf_token %}\n {{ form.as_p }}\n
    \n \n
    \n
    \n
    \n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/concordia/asset/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls humanize %}\n\n{% block object-tools-items %}\n {% if original.pk %}\n
  • \n \n Campaign\n \n
    • \n
  • \n \n Project\n \n
    • \n
  • \n \n Item\n \n
    • \n
  • \n \n Transcriptions\n \n
    • \n {% endif %}\n {{ block.super }}\n{% endblock object-tools-items %}\n\n{% block content %}\n {% if original %}\n
    \n {% csrf_token %}\n\n {# Manually create the hidden PK field #}\n \n\n {# We use this to send the user back to this page instead of leaving them on the changelist #}\n \n\n {{ status_action_form.action }}\n \n
    \n {% endif %}\n\n

    Current status: {{ original.get_transcription_status_display }}

    \n\n {{ block.super }}\n\n

    Current status: {{ original.transcription_status }}

    \n\n {% if transcriptions %}\n \n \n \n \n \n \n \n \n \n \n \n \n \n {% for t in transcriptions %}\n \n \n \n \n \n \n \n \n {% endfor %}\n \n
    Transcription History
    IDCreatorCreatedUpdatedSubmittedReview Status
    {{ t.id }}{{ t.user }}{{ t.created_on|naturaltime }}{{ t.updated_on|naturaltime }}{{ t.submitted|naturaltime|default:'' }}\n {% if t.rejected %}\n Rejected\n {% elif t.accepted %}\n Accepted\n {% endif %}\n {% if t.rejected or t.accepted %}\n by {{ t.reviewed_by }}\n {% endif %}\n {% if t.rejected %}\n {{ t.rejected|naturaltime }}\n {% elif t.accepted %}\n {{ t.accepted|naturaltime }}\n {% endif %}\n
    \n {% endif %}\n{% endblock content %}\n" }, { "path": "concordia/templates/admin/concordia/asset/change_list.html", "content": "{% extends \"admin/change_list.html\" %}\n\n{% block result_list %}\n {% block pagination %} {{ block.super }} {% endblock %}\n {{ block.super }}\n{% endblock %}\n" }, { "path": "concordia/templates/admin/concordia/campaign/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls static %}\n\n{% block object-tools-items %}\n {% if original.pk %}\n
  • \n \n Export CSV\n \n
    • \n
  • \n \n Export BagIt\n \n
    • \n
  • \n \n Report\n \n
    • \n {% if perms.concordia.retire_campaign and original.status != 1 %}\n {# Hide if campaign is active #}\n
  • \n \n Retire\n \n
    • \n {% endif %}\n
  • \n \n Projects\n \n
    • \n
  • \n \n Items\n \n
    • \n
  • \n \n Assets\n \n
    • \n {% endif %}\n {{ block.super }}\n{% endblock %}\n" }, { "path": "concordia/templates/admin/concordia/campaign/retire.html", "content": "{% extends \"admin/base_site.html\" %}\n{% load i18n admin_urls static %}\n\n{% block extrahead %}\n {{ block.super }}\n {{ media }}\n \n{% endblock %}\n\n{% block bodyclass %}{{ block.super }} app-{{ opts.app_label }} model-{{ opts.model_name }} delete-confirmation{% endblock %}\n\n{% block breadcrumbs %}\n
    \n Home\n › {{ opts.app_config.verbose_name }}\n › {{ opts.verbose_name_plural|capfirst }}\n › {{ object|truncatewords:\"18\" }}\n › Retire\n
    \n{% endblock %}\n\n{% block content %}\n {% block delete_confirm %}\n

    Are you sure you want to retire the {{ object_name }} \"{{ object }}\"? All of the following related items will be deleted:

    \n {% include \"admin/includes/object_delete_summary.html\" %}\n
    {% csrf_token %}\n
    \n \n \n No, take me back\n
    \n
    \n {% endblock %}\n{% endblock content %}\n" }, { "path": "concordia/templates/admin/concordia/item/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls static %}\n\n{% block object-tools-items %}\n {% if original.pk %}\n
  • \n \n Export BagIt\n \n
    • \n
  • \n \n Campaign\n \n
    • \n
  • \n \n Project\n \n
    • \n\n
  • \n \n Assets\n \n
    • \n\n {% endif %}\n {{ block.super }}\n{% endblock %}\n" }, { "path": "concordia/templates/admin/concordia/project/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls static %}\n\n{% block object-tools-items %}\n {% if original.pk %}\n
  • \n \n Export CSV\n \n
    • \n
  • \n \n Export BagIt\n \n
    • \n
  • \n \n Import Items\n \n
    • \n\n
  • \n \n Campaign\n \n
    • \n\n
  • \n \n Items\n \n
    • \n\n
  • \n \n Assets\n \n
    • \n {% endif %}\n {{ block.super }}\n{% endblock %}\n" }, { "path": "concordia/templates/admin/concordia/project/item_import.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls %}\n\n\n{% block content %}\n
    \n {% if import_job %}\n

    \n Task ID {{ import_job }}\n created to import {{ form.cleaned_data.import_url }}\n

    \n \n {% else %}\n
    \n {% csrf_token %}\n\n \n\n {{ form.non_field_errors }}\n\n {% if form.errors %}\n

    Please fix the errors below:

    \n {% endif %}\n\n
    \n
    \n \n {{ form.import_url }}\n\n
      \n {% for error in form.import_url.errors %}\n
    • {{ error }}
      • \n {% endfor %}\n
    \n\n
      \n
    • https://www.loc.gov/item/mss859430231
      • \n
    • https://www.loc.gov/collections/branch-rickey-papers/
      • \n
    • https://www.loc.gov/item/mss859430231
      • \n
    • https://www.loc.gov/search/?q=group%3Amal&fa=online-format!%3Aonline+text
      • \n
    \n
    \n
    \n\n
    \n \n
    \n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/concordia/simplepage/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% block extrahead %}\n {{ block.super }}\n\n {% include 'fragments/codemirror.html' %}\n{% endblock extrahead %}\n\n{% block content %}\n {{ block.super }}\n{% endblock content %}\n" }, { "path": "concordia/templates/admin/concordia/transcription/change_form.html", "content": "{% extends \"admin/change_form.html\" %}\n\n{% load i18n admin_urls humanize %}\n\n{% block object-tools-items %}\n {% if original.pk %}\n
  • \n \n Campaign\n \n
    • \n
  • \n \n Project\n \n
    • \n
  • \n \n Item\n \n
    • \n
  • \n \n Asset\n \n
    • \n {% if original.supersedes_id %}\n
  • \n \n Previous Version\n \n
    • \n {% endif %}\n {% with original.superseded_by.first as superseded_by %}\n {% if superseded_by %}\n
  • \n \n Next Version\n \n
    • \n {% endif %}\n {% endwith %}\n {% endif %}\n {{ block.super }}\n{% endblock object-tools-items %}\n" }, { "path": "concordia/templates/admin/index.html", "content": "{% extends 'admin/index.html' %}\n\n{% load static i18n %}\n\n{% block sidebar %}\n
    \n
    \n

    Site Operations

    \n \n
    \n
    \n

    {% trans 'Recent actions' %}

    \n

    {% trans 'My actions' %}

    \n {% load log %}\n {% get_admin_log 10 as admin_log for_user user %}\n {% if not admin_log %}\n

    {% trans 'None available' %}

    \n {% else %}\n
      \n {% for entry in admin_log %}\n
    • \n {% if entry.is_deletion or not entry.get_admin_url %}\n {{ entry.object_repr }}\n {% else %}\n {{ entry.object_repr }}\n {% endif %}\n
      \n {% if entry.content_type %}\n {% filter capfirst %}{{ entry.content_type }}{% endfilter %}\n {% else %}\n {% trans 'Unknown content' %}\n {% endif %}\n
      • \n {% endfor %}\n
    \n {% endif %}\n
    \n
    \n

    Application Version

    \n

    {{ APPLICATION_VERSION }}

    \n
    \n
    \n{% endblock sidebar%}\n" }, { "path": "concordia/templates/admin/long_name_filter.html", "content": "{% load i18n %}\n

    {% blocktranslate with filter_title=title %} By {{ filter_title }} {% endblocktranslate %}

    \n\n" }, { "path": "concordia/templates/admin/process_bagit.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block messages %}\n {% comment %} This is displayed elswhere {% endcomment %}\n{% endblock messages %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n\n

    \n This feature will accept a zip file, process and convert to Loc.gov structure and re-zip it back\n \n

    \n
    \n
    \n {% csrf_token %}\n {{ form.as_p }}\n
    \n \n
    \n
    \n
    \n\n\n {% if messages %}\n

    Messages

    \n
      \n {% for message in messages %}\n
    • = DEFAULT_MESSAGE_LEVELS.ERROR %}message-error{% elif message.level >= DEFAULT_MESSAGE_LEVELS.WARNING %}message-warning{% endif %}\">{{ message }}
      • \n {% endfor %}\n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/admin/project_level_export.html", "content": "{% extends \"admin/base.html\" %}\n\n{% block messages %}\n {% comment %} This is displayed elswhere {% endcomment %}\n{% endblock messages %}\n\n{% block extrahead %}\n {{ block.super }}\n \n{% endblock %}\n\n{% block content %}\n
    \n {% if campaigns %}\n

    Campaigns

    \n
      \n \n \n \n \n \n \n \n {% for campaign in campaigns %}\n \n \n \n \n {% endfor %}\n
      Campaign Title
      {{ campaign.title }}List Projects
      \n
    \n\n {% else %}\n\n {% if projects %}\n All Campaigns\n

    Projects

    \n
    \n {% csrf_token %}\n
      \n \n \n \n \n \n \n \n \n {% for project in projects %}\n \n \n \n\n \n {% endfor %}\n
      Project Title
      {{ project.title }}
      \n \n
    \n\n
    \n\n {% endif %}\n {% endif %}\n {% if messages %}\n

    Messages

    \n
      \n {% for message in messages %}\n = DEFAULT_MESSAGE_LEVELS.ERROR %}message-error{% elif message.level >= DEFAULT_MESSAGE_LEVELS.WARNING %}message-warning{% endif %}\">\n {{ message }}\n {% endfor %}\n
    \n {% endif %}\n
    \n{% endblock content %}\n" }, { "path": "concordia/templates/base.html", "content": "{% spaceless %}\n {% load static django_vite %}\n{% endspaceless %}\n\n \n \n \n \n {% block full_title %}By the People\n {% block title %}\n {% if title %}\n {{ title }}{% else %}Untitled\n {% endif %}\n {% endblock title %}\n {% endblock full_title %}\n \n \n \n {% include \"fragments/common-stylesheets.html\" %}\n {% block prefetch %}\n \n {% if CONCORDIA_ENVIRONMENT == \"production\" %}\n \n {% endif %}\n \n \n {% endblock prefetch %}\n \n {% block head_content %}\n {% vite_hmr_client %}\n {% endblock head_content %}\n {% block extra_scripts %}{% endblock %}\n {% comment %}\n Adobe's tag manager requires this script to be placed at the top even though it's bad\nfor performance:\n {% endcomment %}\n {% if CONCORDIA_ENVIRONMENT == \"production\" %}\n \n {% else %}\n \n {% endif %}\n \n \n {% block site-header %}\n
    \n \n
    \n {% endblock site-header %}\n\n {% block breadcrumbs-container %}\n \n {% endblock breadcrumbs-container %}\n\n {% block site-main %}\n
    \n\n {% block messages-container %}\n