New folder MAGERIT with Threats and Safeguards Catalogue

.dockerignore

@@ -1,7 +1,9 @@
 *.pyc
 *.DS_Store
 *~$*
-**/*.mo
 .git*
 .pytest*
 .idea*
+venv/
+env/
+**/node_modules/

.eslintrc.js

@@ -0,0 +1,16 @@
+{
+    "rules": {
+      "@typescript-eslint/no-unused-vars": [
+        "error",
+        {
+          "args": "all",
+          "argsIgnorePattern": "^_",
+          "caughtErrors": "all",
+          "caughtErrorsIgnorePattern": "^_",
+          "destructuredArrayIgnorePattern": "^_",
+          "varsIgnorePattern": "^_",
+          "ignoreRestSiblings": true
+        }
+      ]
+    }
+  }

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,23 @@
+---
+name: Feature Request
+about: Suggestions for new features and improvements
+title: ""
+labels: "question"
+assignees: ""
+---
+
+**Problem statement**
+I want to be able to do X, but the current implementation only allows for Y.
+
+**Expected behavior**
+
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Mock**
+If applicable, add screenshots to help explain the expectation.
+
+**Additional context**
+Add any other context about the problem here.

.github/workflows/backend-api-tests.yml

@@ -0,0 +1,78 @@
+name: API Tests
+
+on:
+  pull_request:
+    branches: [main, develop]
+    types: [opened, synchronize]
+    paths:
+      - "backend/**"
+      - ".github/workflows/backend-api-tests.yml"
+    workflow_dispatch:
+
+env:
+  GITHUB_WORKFLOW: github_actions
+  PYTHON_VERSION: "3.12"
+  UBUNTU_VERSION: "ubuntu-24.04"
+
+jobs:
+  test:
+    runs-on: ubuntu-24.04
+    env:
+      backend-directory: ./backend
+
+    strategy:
+      max-parallel: 4
+      matrix:
+        python-version: ["3.12"]
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: "pip"
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+        with:
+          virtualenvs-create: false
+          installer-parallel: true
+      - name: Install backend requirements
+        working-directory: ${{ env.backend-directory }}
+        run: poetry install
+      - name: Create environment variables file
+        working-directory: ${{env.backend-directory}}
+        run: |
+          touch .env
+          echo DJANGO_DEBUG='True' >> .env
+          echo DB_HOST=localhost >> .env
+          echo EMAIL_HOST=localhost >> .env
+          echo EMAIL_PORT=1025 >> .env
+          echo EMAIL_HOST_USER='' >> .env
+          echo EMAIL_HOST_PASSWORD='' >> .env
+          #echo EMAIL_USE_TLS=False >> .env
+          echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
+          echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
+          echo CISO_ASSISTANT_URL=http://127.0.0.1:5173 >> .env
+      - name: Run migrations
+        working-directory: ${{env.backend-directory}}
+        run: |
+          export $(grep -v '^#' .env | xargs)
+          poetry run python manage.py migrate
+      - name: Run API tests
+        working-directory: ${{env.backend-directory}}
+        run: |
+          export $(grep -v '^#' .env | xargs)
+          poetry run pytest app_tests/api --html=pytest-report.html --self-contained-html
+      - name: Set current date as env variable
+        if: ${{ !cancelled() }}
+        run: echo "NOW=$(date +'%Y-%m-%dT%H-%M-%S')" >> $GITHUB_ENV
+      - name: Sanitize branch name
+        if: ${{ !cancelled() }}
+        run: echo "BRANCH_SANITIZED=$(echo "${{ env.BRANCH_NAME }}" | tr "/()" "_")" >> $GITHUB_ENV
+      - uses: actions/upload-artifact@v4
+        if: ${{ !cancelled() }}
+        with:
+          name: ${{ env.BRANCH_SANITIZED }}-${{ env.NOW }}-${{ github.job }}-report-${{ matrix.python-version }}
+          path: ${{ env.backend-directory }}/pytest-report.html
+          retention-days: 5

.github/workflows/backend-coverage.yaml

@@ -0,0 +1,84 @@
+name: Backend code coverage
+
+on:
+  pull_request:
+    branches: ["main"]
+    paths:
+      - "backend/**"
+
+env:
+  GITHUB_WORKFLOW: github_actions
+  POSTGRES_VERSION: "16"
+  UBUNTU_VERSION: "ubuntu-24.04"
+  PYTHON_VERSION: "3.12"
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04
+    env:
+      backend-directory: ./backend
+
+    services:
+      postgres:
+        image: postgres:16
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres # test credential
+          POSTGRES_DB: postgres
+        ports: ["5432:5432"]
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
+
+    strategy:
+      max-parallel: 4
+      matrix:
+        python-version: ["3.12"]
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: "pip"
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+        with:
+          virtualenvs-create: false
+          installer-parallel: true
+      - name: Install backend requirements
+        working-directory: ${{ env.backend-directory }}
+        run: poetry install
+      - name: Create environment variables file
+        working-directory: ${{env.backend-directory}}
+        run: |
+          touch .env
+          echo DJANGO_DEBUG='True' >> .env
+          echo POSTGRES_NAME=postgres >> .env
+          echo POSTGRES_USER=postgres >> .env
+          echo POSTGRES_PASSWORD=postgres >> .env
+          echo DB_HOST=localhost >> .env
+          echo EMAIL_HOST=localhost >> .env
+          echo EMAIL_PORT=1025 >> .env
+          echo EMAIL_HOST_USER='' >> .env
+          echo EMAIL_HOST_PASSWORD='' >> .env
+          #echo EMAIL_USE_TLS=False >> .env
+          echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
+          echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
+          echo CISO_ASSISTANT_URL=http://127.0.0.1:5173 >> .env
+      - name: Run migrations
+        working-directory: ${{env.backend-directory}}
+        run: |
+          export $(grep -v '^#' .env | xargs)
+          poetry run python manage.py migrate
+      - name: Run coverage
+        working-directory: ${{env.backend-directory}}
+        env:
+          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
+        run: |
+          export $(grep -v '^#' .env | xargs)
+          find . -path '*/tests/*' -and -name 'test*.py' -and -not -path "./venv/*" | xargs coverage run -m pytest
+      - name: Display coverage report
+        working-directory: ${{env.backend-directory}}
+        env:
+          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
+        run: coverage report

.github/workflows/backend-linters.yaml

@@ -0,0 +1,41 @@
+name: Backend Linters
+
+on:
+  pull_request:
+    paths:
+      - "backend/**"
+
+env:
+  GITHUB_WORKFLOW: github_actions
+  PYTHON_VERSION: "3.12"
+  UBUNTU_VERSION: "ubuntu-24.04"
+
+jobs:
+  ruff:
+    runs-on: ubuntu-24.04
+    env:
+      working-directory: ./backend
+
+    strategy:
+      max-parallel: 4
+      matrix:
+        python-version: ["3.12"]
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: "pip"
+      - name: Install ruff
+        working-directory: ${{env.working-directory}}
+        run: |
+          python -m pip install ruff==0.9.2
+      - name: Run ruff format check
+        working-directory: ${{env.working-directory}}
+        run: ruff format --check .
+      # NOTE: The following will be uncommented once the codebase is cleaned up
+      # - name: ruff
+      #   working-directory: ${{env.working-directory}}
+      #   run: ruff check .

.github/workflows/backend-migrations-check.yaml

@@ -0,0 +1,110 @@
+name: Backend migrations check
+
+on:
+  pull_request:
+    branches: [main, develop]
+    types: [opened, synchronize]
+  workflow_dispatch:
+
+env:
+  GITHUB_WORKFLOW: github_actions
+  backend-directory: ./backend
+  enterprise-backend-directory: ./enterprise/backend
+  enterprise-backend-settings-module: enterprise_core.settings
+  UBUNTU_VERSION: "ubuntu-24.04"
+  PYTHON_VERSION: "3.12"
+
+jobs:
+  migrations-check:
+    runs-on: ubuntu-24.04
+
+    strategy:
+      max-parallel: 4
+      matrix:
+        python-version: ["3.12"]
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: "pip"
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+        with:
+          virtualenvs-create: false
+          installer-parallel: true
+      - name: Install backend requirements
+        working-directory: ${{ env.backend-directory }}
+        run: poetry install
+      - name: Create backend environment variables file
+        working-directory: ${{ env.backend-directory }}
+        run: |
+          touch .env
+          echo DJANGO_DEBUG=True >> .env
+          echo [email protected] >> .env
+          echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
+          echo DB_HOST=localhost >> .env
+          echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
+          echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
+          echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
+          echo EMAIL_HOST=localhost >> .env
+          echo [email protected] >> .env
+          echo EMAIL_HOST_PASSWORD=password >> .env
+          echo EMAIL_PORT=1025 >> .env
+      - name: Check that migrations were made
+        working-directory: ${{ env.backend-directory }}
+        run: |
+          export $(grep -v '^#' .env | xargs)
+          poetry run python manage.py makemigrations --check --dry-run --verbosity=3
+
+  enterprise-migrations-check:
+    runs-on: ubuntu-24.04
+
+    strategy:
+      max-parallel: 4
+      matrix:
+        python-version: ["3.12"]
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: "pip"
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+        with:
+          virtualenvs-create: false
+          installer-parallel: true
+      - name: Install backend requirements
+        working-directory: ${{ env.backend-directory }}
+        run: poetry install
+      - name: Install enterprise backend
+        working-directory: ${{ env.enterprise-backend-directory }}
+        run: poetry install
+      - name: Create backend environment variables file
+        working-directory: ${{ env.backend-directory }}
+        run: |
+          touch .env
+          echo DJANGO_DEBUG=True >> .env
+          echo [email protected] >> .env
+          echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
+          echo DB_HOST=localhost >> .env
+          echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
+          echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
+          echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
+          echo EMAIL_HOST=localhost >> .env
+          echo [email protected] >> .env
+          echo EMAIL_HOST_PASSWORD=password >> .env
+          echo EMAIL_PORT=1025 >> .env
+          echo DJANGO_SETTINGS_MODULE=enterprise_core.settings >> .env
+          echo LICENSE_SEATS=999 >> .env
+      - name: Check that migrations were made
+        working-directory: ${{ env.backend-directory }}
+        run: |
+          export $(grep -v '^#' .env | xargs)
+          poetry run python manage.py makemigrations --check --dry-run --verbosity=3 --settings=${{ env.enterprise-backend-settings-module }}
+          if [ $? -ne 0 ]; then echo "::error Migrations were not made, please run the makemigrations command." && exit 1; fi