The Publishing & Information Hub will be responsible for the following:
- Receiving data from source systems, such as Schedule & Listing, via Hearings Management Interface
- Publish lists, outcomes, judgements and management information onto GOV.UK
- Provide functionality to display information in court and tribunals buildings on the relevant hardware
- Comply with Open Justice procedures and business rules.
Running the application requires the following tools to be installed in your environment:
Some of the pages within this app are secured via authentication.
There are two modes for authentication:
- OIDC
- Custom Strategy.
The OIDC connect strategy integrates with Azure. When users try to access an authenticated page, they will be presented with the logon screen.
To use this strategy, set the 'OIDC' environment variable to 'true' when starting up the app.
Alternatively, users can use the Custom Strategy which is the default. Rather than integrating with Azure, user will need to set up mocked user via mock-session screens. See the Authentication.ts file for details on how this is done
Here is a list of environment variables needed to launch the app:
| Name | Value |
|---|---|
| CLIENT_SECRET | This is used to communicate with Azure (OIDC mode only) |
| SESSION_SECRET | A random string |
| OIDC | (Optional) - Set to 'true' to enable OIDC mode. |
| FRONTEND_URL | (Optional) - This is the host that you are redirected back to from Azure. Default is staging. |
Passing these variables can be done via
$ (Linux) export CLIENT_SECRET=<VALUE_GOES_HERE>
$ (Windows) set CLIENT_SECRET<VALUE_GOES_HERE>or, in intellij you can pass them in the Run Configuration.
Install dependencies by executing the following command:
$ yarn installBundle:
$ yarn webpackStart Redis Locally:
To connect locally run bellow command and rename connection string from rediss to redis in cacheManager.ts (line 13)
$ docker run -d -p 6379:6379 redisRun:
$ yarn startor Run Dev mode:
$ yarn start:devThe applications's home page will be available at https://localhost:8080
Create docker image:
docker-compose buildRun the application by executing the following command:
docker-compose upThis will start the frontend container exposing the application's port
(set to 8080 in this template app).
In order to test if the application is up, you can visit https://localhost:8080 in your browser.
We use ESLint alongside sass-lint
Running the linting with auto fix:
$ yarn lint --fixThis template app uses Jest as the test engine. You can run unit tests by executing the following command:
$ yarn testHere's how to run functional tests (the template contains just one sample test):
$ yarn test:routesRunning accessibility tests:
$ yarn test:a11yMake sure all the paths in your application are covered by accessibility tests (see a11y.ts).
Running end-to-end tests:
There are two ways to run E2E tests. Against a locally running version of the application, and remotely against the branch.
If running locally, stand up the application and run the following:
$ yarn test:functional-devMake sure to have application running in developer mode first while testing locally, otherwise tests will fail. To test in development mode run: yarn start:dev
If running against a remote instance (e.g a PR), then the following env variables need to be set:
| Name | Value |
|---|---|
| TEST_URL | The URL where the instance you would like to test against is hosted (https://:) |
| (Optional) USE_PROTOTYPE | If the instance uses the prototype, then this flag must be set to TRUE |
The following command is run by the jenkins pipeline, although can be run locally, it will run in HEADLESS mode.
$ yarn test:functionalCross-Site Request Forgery prevention has already been
set up in this template, at the application level. However, you need to make sure that CSRF token
is present in every HTML form that requires it. For that purpose you can use the csrfProtection macro,
included in this template app. Your njk file would look like this:
{% from "macros/csrf.njk" import csrfProtection %}
...
<form ...>
...
{{ csrfProtection(csrfToken) }}
...
</form>
...
This application uses Helmet, which adds various security-related HTTP headers to the responses. Apart from default Helmet functions, following headers are set:
There is a configuration section related with those headers, where you can specify:
referrerPolicy- value of theReferrer-Policyheader
Here's an example setup:
"security": {
"referrerPolicy": "origin",
}Make sure you have those values set correctly for your application.
The application exposes a health endpoint (https://localhost:8080/health), created with the use of Nodejs Healthcheck library. This endpoint is defined in health.ts file. Make sure you adjust it correctly in your application. In particular, remember to replace the sample check with checks specific to your frontend app, e.g. the ones verifying the state of each service it depends on.
This project is licensed under the MIT License - see the LICENSE file for details.