-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #752 from 18F/ato-documentation
ATO Documentation
- Loading branch information
Showing
19 changed files
with
1,075 additions
and
520 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,3 @@ | ||
package-lock.json binary | ||
requirements.txt binary | ||
Pipfile.lock binary |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# Tock documentation | ||
|
||
Welcome to the Tock documentation. This documentation is written in | ||
[GitHub-flavored markdown][gh-md] and is best read using the GitHub interface. | ||
|
||
## Table of Contents | ||
|
||
- [Getting Started with Local Tock Development](local-development.md) | ||
- [Tock API](api.md) | ||
- [Tock Authentication](authentication.md) | ||
- [Tock Deployment Process](deployment-process.md) | ||
- [Tock Release Management](release-management.md) | ||
- [Tock Logging](logging.md) | ||
- [Tock Developer Onboarding](onboarding.md) | ||
- [Tock Developer Offboarding](offboarding.md) | ||
|
||
[gh-md]: https://guides.github.com/features/mastering-markdown/#GitHub-flavored-markdown |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# Tock API | ||
|
||
[:arrow_left: Back to Tock | ||
Documentation](https://github.com/18F/tock/tree/master/docs) | ||
|
||
Tock has an API! You may issue GET requests to various [endpoints](https://github.com/18F/tock/tree/master/api-docs) via the /api/ path with results returned as JSON objects. We use Django REST framework's TokenAuthentication library which requires all requests to include a token value in your request header using the following format (a cURL command line based request is used for this example for getting project data from our Tock deployment): | ||
|
||
``` | ||
$ curl https://tock.18f.gov/api/projects.json -H 'Authorization: Token randomalphanumericstringed854b18ba024327' | ||
``` | ||
|
||
To obtain your own Tock API authorization token, please visit | ||
[#tock-dev](https://gsa-tts.slack.com/messages/tock-dev/) on Slack and ping a | ||
Tock Developer. | ||
|
||
To access similar data in CSV format from within Tock, please visit the | ||
[/reports](https://tock.18f.gov/reports) page. | ||
|
||
# Usages | ||
|
||
The Tock API is used in various ways by Tock Administrators and Tock Users. | ||
Below are some examples of Tock API usage. | ||
|
||
- [AngryTock Slack Bot](https://github.com/18F/angrytock) | ||
- [Google App Script](https://github.com/18F/tock-gas-ts) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
## Tock Authentication | ||
|
||
[:arrow_left: Back to Tock | ||
Documentation](https://github.com/18F/tock/tree/master/docs) | ||
|
||
18F's current deployment of Tock relies on | ||
[cloud.gov's User Account and Authentication (UAA) server][UAA] for | ||
authentication. | ||
|
||
During development, a ["fake" cloud.gov UAA server][fakeUAA] is used for | ||
authentication. Here you can actually enter any email address; if the | ||
address is `@gsa.gov`, then a non-staff account will automatically | ||
be created for the user and you'll be logged-in, but otherwise access | ||
will be denied. | ||
|
||
The easiest way to create an administrative user is to first use | ||
`manage.py createsuperuser` to create a user, and then log in | ||
with that user's email address. See the "Getting Started" section | ||
for an example of this. | ||
|
||
[UAA]: https://cloud.gov/docs/apps/leveraging-authentication/ | ||
[fakeUAA]: http://cg-django-uaa.readthedocs.io/en/latest/quickstart.html#using-the-fake-cloud-gov-server | ||
|
||
### Creating UAA Clients for Tock | ||
|
||
Tock leverages [UAA authentication provided by cloud.gov][cg-uaa-auth] to | ||
authenticate users. This document talks about how to create and rotate these UAA | ||
clients using the [cf-cli][]. The following documentation assumes you are | ||
[comfortable using the cf-cli][cf-cli-docs]. | ||
|
||
[cf-cli]: https://github.com/cloudfoundry/cli | ||
[cf-cli-docs]: https://docs.cloudfoundry.org/cf-cli/install-go-cli.html | ||
|
||
#### Creating a UAA client | ||
|
||
Go read the [cloud.gov identity provider documentation][cg-uaa-auth] to learn | ||
about creating the oAuth client. The Tock application only requires the `openid` | ||
scope for the oAuth client. | ||
|
||
Tock uses the following naming convention for oAuth clients Service Instances | ||
and Service Keys. | ||
|
||
##### Production oAuth client Service Name Example | ||
|
||
```shell | ||
${APP_NAME}-${SERVICE_PLAN_NAME} | ||
``` | ||
|
||
For instance, the Production oAuth client Service is called `tock-oauth-client`. | ||
|
||
##### Production oAuth client Service Key Example | ||
|
||
```shell | ||
${APP_NAME}-${SERVICE_PLAN_NAME}-${YEARMONTHDAY} | ||
``` | ||
|
||
For instance, the Production oAuth client Service Key is called | ||
`tock-oauth-client-20180307` because it was created on March 7th, 2018. | ||
|
||
[cg-uaa-auth]: https://cloud.gov/docs/services/cloud-gov-identity-provider/ | ||
|
||
#### Setting the Redirect URI | ||
|
||
The redirect URI for Tock is whatever the URL is for the application with a path | ||
of `/auth/callback` | ||
|
||
##### Production Redirect URI Example | ||
|
||
```shell | ||
# ... | ||
-c '{"redirect_uri": ["https://tock.18f.gov/auth/callback"]}' | ||
``` | ||
|
||
Keep in mind that if you're deploying multiple Tock applications with different | ||
URLs, you can add multiple `redirect_uri` URLs that end in `/auth/callback`. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
# Dependency management | ||
|
||
## Python | ||
|
||
Tock uses [Pipenv] to manage development and production dependencies. | ||
In development and continuous integration the python environment is | ||
established with `pipenv install --dev`. To acommodate 3rd party tools | ||
which do not yet support [Pipenv] a `requirements.txt` file, containing | ||
only production dependencies, is generated by [Pipenv] and included in | ||
the repository. | ||
|
||
Development and production dependencies can be updated locally with: | ||
```sh | ||
pipenv update --dev | ||
pipenv lock --requirements > requirements.txt | ||
``` | ||
|
||
## Javascript | ||
|
||
Tock uses [npm] to manage javascript dependencies. | ||
|
||
Dependencies can be updated locally with: | ||
```sh | ||
npm update | ||
``` | ||
|
||
[Pipenv]: https://docs.pipenv.org/ | ||
[npm]: https://www.npmjs.com |
Oops, something went wrong.