文件列表:

securethenews-develop/ (0, 2022-01-05)
securethenews-develop/.circleci/ (0, 2022-01-05)
securethenews-develop/.circleci/config.yml (4634, 2022-01-05)
securethenews-develop/.dockerignore (92, 2022-01-05)
securethenews-develop/.flake8 (129, 2022-01-05)
securethenews-develop/LICENSE (34520, 2022-01-05)
securethenews-develop/Makefile (5895, 2022-01-05)
securethenews-develop/Pipfile (222, 2022-01-05)
securethenews-develop/Pipfile.lock (25770, 2022-01-05)
securethenews-develop/api/ (0, 2022-01-05)
securethenews-develop/api/__init__.py (0, 2022-01-05)
securethenews-develop/api/apps.py (81, 2022-01-05)
securethenews-develop/api/filters.py (1115, 2022-01-05)
securethenews-develop/api/serializers.py (2435, 2022-01-05)
securethenews-develop/api/tests.py (3819, 2022-01-05)
securethenews-develop/api/urls.py (709, 2022-01-05)
securethenews-develop/api/views.py (2297, 2022-01-05)
securethenews-develop/blog/ (0, 2022-01-05)
securethenews-develop/blog/__init__.py (0, 2022-01-05)
securethenews-develop/blog/admin.py (94, 2022-01-05)
securethenews-develop/blog/apps.py (147, 2022-01-05)
securethenews-develop/blog/migrations/ (0, 2022-01-05)
securethenews-develop/blog/migrations/0001_initial.py (1053, 2022-01-05)
securethenews-develop/blog/migrations/0002_remove_blogpost_intro.py (379, 2022-01-05)
securethenews-develop/blog/migrations/0003_blogindexpage.py (787, 2022-01-05)
securethenews-develop/blog/migrations/0004_auto_20160930_1830.py (671, 2022-01-05)
securethenews-develop/blog/migrations/0005_blogpost_convert_richtextfield_to_streamfield.py (1145, 2022-01-05)
securethenews-develop/blog/migrations/0006_auto_20200203_1856.py (753, 2022-01-05)
securethenews-develop/blog/migrations/__init__.py (0, 2022-01-05)
securethenews-develop/blog/models.py (2208, 2022-01-05)
securethenews-develop/blog/signals.py (801, 2022-01-05)
securethenews-develop/blog/templates/ (0, 2022-01-05)
securethenews-develop/blog/templates/blog/ (0, 2022-01-05)
securethenews-develop/blog/templates/blog/blog_index_page.html (877, 2022-01-05)
securethenews-develop/blog/templates/blog/blog_post.html (1137, 2022-01-05)
... ...

> By contributing to this project, you agree to abide by our [Code of Conduct](https://github.com/freedomofpress/.github/blob/main/CODE_OF_CONDUCT.md). # Secure the News **This project has been retired. Please see our blog post for more information:** https://freedom.press/news/five-years-of-secure-the-news/ ## Prerequisites The installation instructions below assume you have the following software on your machine: * [pipenv](https://docs.pipenv.org/#install-pipenv-today) * [docker](https://docs.docker.com/engine/installation/) Note that you can either install docker-compose natively or via pipenv. If you choose the pipenv route you'll need to run these commands: ```bash # The very first time run $ pipenv install # Each subsequent time run this to enter a virtualenv shell $ pipenv shell ``` ## Local Development Instructions Then run the following, which will be need to be run once at clone of this repo: ```bash make dev-init ``` To start up the development environment you can use the normal `docker-compose` flow: ```bash docker-compose up ``` If this command completes successfully, your development site will be available at: http://localhost:8000 To import the example data, run: ```bash docker-compose exec django ./manage.py createdevdata ``` This will also create an admin user for the web interface at http://localhost:8000/admin/ (username: test, password: test). If you want to start the TLS scan for all the news sites in your development environment, run: ```bash make dev-scan ``` For a full list of all helper commands in the Makefile, run `make help`. And, of course, you can obtain a shell directly into any of the containers using `docker-compose` syntax. Just keep in mind the default shell is `ash` under alpine. Here is an example of entering the django container: ```bash $ docker-compose exec django ash ``` ### Debugging If you want to use the [PDB](https://docs.python.org/3/library/pdb.html) program for debugging, it is possible. First, add this line to an area of the code you wish to debug: ``` import ipdb; ipdb.set_trace() ``` Second, attach to the running Django container. This must be done in a shell, and it is within this attached shell that you will be able to interact with the debugger. The command to attach is `docker attach `, and on UNIX-type systems, you can look up the ID and attach to the container with this single command: ``` docker attach $(docker-compose ps -q django) ``` Once you have done this, you can load the page that will run the code with your `import ipdb` and the debugger will activate in the shell you attached. To detach from the shell without stopping the container press `Control+P` followed by `Control+Q`. ## Getting Started with the Production Environment The environment is fairly similar to development with the exception that your code will not auto-reload and be reflected in the container. So this is not a great environment to development under but it reflects a production-like environment run under `gunicorn` and behind a reverse-proxy nginx server. The flow is this: ```bash # Build the prod container (everytime you make a code-change need to re-do this) make build-prod-container # Run the prod environment docker-compose -f prod-docker-compose.yaml up # Run production apptests make app-tests-prod # Run ops tests make ops-tests # Teardown prod docker-compose -f prod-docker-compose.yaml down ``` ### Dependency Management #### Adding new requirements New requirements should be added to `*requirements.in` files, for use with `pip-compile`. There are two Python requirements files: * `requirements.in` production application dependencies * `dev-requirements.in` local testing and CI requirements Add the desired dependency to the appropriate `.in` file, then run: ``` $ make compile-pip-dependencies ``` All requirements files will be regenerated based on compatible versions. Multiple `.in` files can be merged into a single `.txt` file, for use with `pip`. The Makefile target handles the merging of multiple files. This process is the same if a requirement needs to be changed (i.e. its version number restricted) or removed. Make the appropriate change in the correct `requirements.in` file, then run the above command to compile the dependencies. #### Upgrading existing requirements There are separate commands to upgrade a package without changing the `requirements.in` files. The command ``` $ make upgrade-pip PACKAGE=package-name ``` will update the package named `package-name` to the latest version allowed by the constraints in `requirements.in` and compile a new `dev-requirements.txt` and `requirements.txt` based on that version. If the package appears only in `dev-requirements.in`, then you must use this command: ``` $ make upgrade-pip-dev PACKAGE=package-name ``` which will update the package named `package-name` to the latest version allowed by the constraints in `requirements.in` and compile a new `dev-requirements.txt`. ### Development Fixtures The `createdevdata` management commands loads Site and Scan data from the fixtures in `sites/fixtures/dev.json`. If you change the schema of `sites.Site` or `sites.Scan`, you will need to update these fixtures, **or future invocations of `createdevdata` will fail.** The general process for updating the development fixtures is: 1. Migrate your database to the last migration where the fixtures were updated. 2. Load the fixtures. 3. Run the migrations that you've added. 4. Export the migrated fixtures: ``` $ python3 manage.py dumpdata sites.{Site,Scan} > sites/fixtures/dev.json ``` The test suite includes a smoke test for `createdevdata`, so you can easily verify that the command is working without disrupting your own development environment. ## API If everything is working correctly, you should be able to find an API endpoint at `localhost:8000/api` (it will redirect to the current API version). The API is read-only and can be used to obtain site metadata and the latest scan for a given site (e.g., `/api/v1/sites` will return a directory, and `/api/v1/sites/bbc.co.uk` will return details about the BBC). Various filters and sort options are supported; click the "filters" dialog in the UI to explore them. To get all scans for a given site, you can use a path like `/api/v1/sites/bbc.co.uk/scans`. This URL can also be found in the all_scans field for a given site result. If you run a public site, note that read access to the API is available to any origin via CORS. The API is implemented using the Django REST framework; documentation for it can be found here: http://www.django-rest-framework.org/

近期下载者：

相关文件：

评论：[我要评论] [举报此文件]

收藏者：