Merge integration into deployment-portage for release 4.1.1+portage-4.7.0

.github/workflows/brakeman.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-22.04
 
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     # Will run Brakeman checks on dependencies
     #   https://github.com/marketplace/actions/brakeman-action

.github/workflows/danger.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-22.04
 
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1

.github/workflows/docker-push-image.yml

@@ -19,22 +19,22 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Check out the repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       # Buildx allows for advanced Docker build features like multi-platform builds and layer caching
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Log in to Docker Hub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       # Extract metadata for app image
       - name: Extract metadata (tags) for Docker app Image
         id: meta_app
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
         with:
           images: ualbertalib/dmp_roadmap
           flavor: |
@@ -55,7 +55,7 @@ jobs:
       # Extract metadata for assets image
       - name: Extract metadata (tags) for Docker assets image
         id: meta_assets
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
         with:
           images: ualbertalib/dmp_roadmap
           flavor: |
@@ -75,7 +75,7 @@ jobs:
 
 
       - name: Build and push the app stage image
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83
+        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
         with:
           context: .
           file: Dockerfile.production
@@ -89,7 +89,7 @@ jobs:
           cache-to: type=registry,ref=ualbertalib/dmp_roadmap:build-cache-app,mode=max
 
       - name: Build and push the assets stage image
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83
+        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
         with:
           context: .
           file: Dockerfile.production

.github/workflows/eslint.yml

@@ -8,8 +8,8 @@ jobs:
     runs-on: ubuntu-22.04
 
     steps:
-    - uses: actions/checkout@v5
-    - uses: actions/setup-node@v5
+    - uses: actions/checkout@v6
+    - uses: actions/setup-node@v6
       with:
         node-version: '20.15.1'
         cache: 'yarn'

.github/workflows/mysql.yml

@@ -14,7 +14,7 @@ jobs:
 
     steps:
     # Checkout the repo
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1
@@ -23,7 +23,7 @@ jobs:
         bundler-cache: true
 
     # Install Node
-    - uses: actions/setup-node@v5
+    - uses: actions/setup-node@v6
       with:
         node-version: '20.15.1'
         cache: 'yarn'

.github/workflows/postgres.yml

@@ -30,7 +30,7 @@ jobs:
 
     steps:
     # Checkout the repo
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1
@@ -42,7 +42,7 @@ jobs:
     ## /home/runner/runners/2.301.1/externals/node12/bin/node: --openssl-legacy-provider is not allowed in NODE_OPTIONS
 
     # Install Node
-    - uses: actions/setup-node@v5
+    - uses: actions/setup-node@v6
       with:
         node-version: '20.15.1'
         cache: 'yarn'
@@ -82,7 +82,7 @@ jobs:
     - name: Remove image-bundled Chrome
       run: sudo apt-get purge google-chrome-stable
     - name: Setup stable Chrome
-      uses: browser-actions/setup-chrome@v1
+      uses: browser-actions/setup-chrome@v2
       with:
         chrome-version: 128
         install-chromedriver: true

.github/workflows/rubocop.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-22.04
 
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     - name: 'Determine Ruby and Bundler Versions from Gemfile.lock'
       run: |

.github/workflows/ruby.yml

@@ -40,7 +40,7 @@ jobs:
 
     steps:
     # Checkout the repo
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1
@@ -49,7 +49,7 @@ jobs:
         bundler-cache: true
 
     # Install Node
-    - uses: actions/setup-node@v5
+    - uses: actions/setup-node@v6
       with:
         node-version: '20.15.1'
         cache: 'yarn'
@@ -86,7 +86,7 @@ jobs:
     - name: Remove image-bundled Chrome
       run: sudo apt-get purge google-chrome-stable
     - name: Setup stable Chrome
-      uses: browser-actions/setup-chrome@v1
+      uses: browser-actions/setup-chrome@v2
       with:
         chrome-version: 128
         install-chromedriver: true

CHANGELOG.md

@@ -1,5 +1,72 @@
 # Changelog
 
+## [Unreleased]
+
+### Added
+
+ - Add rake task to clean up unmanaged orgs w/ users [#1250](https://github.com/portagenetwork/roadmap/pull/1250)
+
+ - Implement tiered Rack::Attack throttles [#1254](https://github.com/portagenetwork/roadmap/pull/1254)
+
+ - Add Internal v2 API Access Token Generation for Users [#1279](https://github.com/portagenetwork/roadmap/pull/1279)
+
+ - Add `bundle exec rails db:migrate` to entrypoint.sh [#1278](https://github.com/portagenetwork/roadmap/pull/1278)
+
+ - Add copy button next to V2 API Token [#1283](https://github.com/portagenetwork/roadmap/pull/1283)
+
+ - Initial v2 API Implementation & Doorkeeper OAuth Integration [#1276](https://github.com/portagenetwork/roadmap/pull/1276)
+
+ - API v2: Sanitize user-supplied fields in responses [#1303](https://github.com/portagenetwork/roadmap/pull/1303)
+
+ - Add v2 API documentation to API Access page [#1300](https://github.com/portagenetwork/roadmap/pull/1300) 
+
+### Changed
+
+ - Upgrade ROR API From V1 to V2 [#1247](https://github.com/portagenetwork/roadmap/pull/1247)
+
+ - Update plan json export to use V2 API complete plan endpoint [#1293](https://github.com/portagenetwork/roadmap/pull/1293)
+
+ - Redesign and Edit Welcome, Help, and About pages and Remove Public DMPs Page [#1299](https://github.com/portagenetwork/roadmap/pull/1299)
+
+ - Update expiry time of v2 API internal access token [#1308](https://github.com/portagenetwork/roadmap/pull/1308)
+
+### Dependency Updates
+
+ - chore(deps): bump nginx from 1.29.3-alpine to 1.29.4-alpine [#1246](https://github.com/portagenetwork/roadmap/pull/1246)
+
+ - chore(deps): bump actions/checkout from 5 to 6 [#1236](https://github.com/portagenetwork/roadmap/pull/1236)
+
+ - chore(deps): bump omniauth from 2.1.2 to 2.1.4 [#1201](https://github.com/portagenetwork/roadmap/pull/1201)
+
+ - chore(deps): bump browser-actions/setup-chrome from 1 to 2 [#1138](https://github.com/portagenetwork/roadmap/pull/1138)
+
+ - chore(deps): bump webpack from 5.94.0 to 5.102.1 [#1206](https://github.com/portagenetwork/roadmap/pull/1206)
+
+ - chore(deps): bump actions/setup-node from 5 to 6 [#1211](https://github.com/portagenetwork/roadmap/pull/1211)
+
+ - chore(deps): bump surnet/alpine-wkhtmltopdf from 3.22.0-0.12.6-small to 3.23.2-0.12.6-small [#1258](https://github.com/portagenetwork/roadmap/pull/1258)
+
+ - chore(deps): bump docker/login-action from 3.6.0 to 3.7.0 [#1268](https://github.com/portagenetwork/roadmap/pull/1268)
+
+ - chore(deps): bump docker/build-push-action from 6.18.0 to 6.19.2 [#1277](https://github.com/portagenetwork/roadmap/pull/1277)
+
+ - chore(deps): bump nginx from 1.29.4-alpine to 1.29.5-alpine [#1271](https://github.com/portagenetwork/roadmap/pull/1271)
+
+ - `bundle update httparty` [#1291](https://github.com/portagenetwork/roadmap/pull/1291)
+   - (See [#1288](https://github.com/portagenetwork/roadmap/pull/1288) for more)
+
+ - chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 [#1290](https://github.com/portagenetwork/roadmap/pull/1290)
+
+ - chore(deps): bump docker/setup-buildx-action from 3 to 4 [#1295](https://github.com/portagenetwork/roadmap/pull/1295)
+
+ - chore(deps): bump docker/metadata-action from 5 to 6 [#1298](https://github.com/portagenetwork/roadmap/pull/1298)
+
+ - chore(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 [#1297](https://github.com/portagenetwork/roadmap/pull/1297)
+
+ - chore(deps): bump nginx from 1.29.5-alpine to 1.29.6-alpine [#1302](https://github.com/portagenetwork/roadmap/pull/1302)
+
+ - chore(deps): bump eslint-plugin-import from 2.27.5 to 2.32.0 [#1149](https://github.com/portagenetwork/roadmap/pull/1149)
+
 ## [4.1.1+portage-4.6.2]
 
 ### Added

Dockerfile.production

@@ -1,8 +1,8 @@
-FROM surnet/alpine-wkhtmltopdf:3.22.0-0.12.6-small AS wkhtmltopdf
+FROM surnet/alpine-wkhtmltopdf:3.23.2-0.12.6-small AS wkhtmltopdf
 
 FROM ruby:3.1.4-alpine AS builder
 
 ENV INSTALL_PATH=/usr/src/app \
     RAILS_ENV=production \
     NODE_ENV=production \
     BUNDLE_WITHOUT='development:test:mysql:aws:sandbox:ci:wkhtmltopdf' \
@@ -139,7 +139,7 @@
 ENTRYPOINT ["/usr/bin/entrypoint.sh"]
 
 # nginx stage to serve static assets
-FROM nginx:1.29.3-alpine AS assets
+FROM nginx:1.29.6-alpine AS assets
 
 ENV INSTALL_PATH=/usr/src/app
 

Gemfile

@@ -88,6 +88,8 @@ gem 'devise'
 # An invitation strategy for Devise (https://github.com/scambra/devise_invitable)
 gem 'devise_invitable'
 
+gem 'doorkeeper'
+
 # A generalized Rack framework for multiple-provider authentication.
 # (https://github.com/omniauth/omniauth)
 gem 'omniauth'