tmp

.eslintrc.js

@@ -0,0 +1,26 @@
+module.exports = {
+  env: {
+    browser: true,
+    es2021: true
+  },
+  extends: 'standard',
+  overrides: [
+    {
+      env: {
+        node: true
+      },
+      files: [
+        '.eslintrc.{js,cjs}'
+      ],
+      parserOptions: {
+        sourceType: 'script'
+      }
+    }
+  ],
+  parserOptions: {
+    ecmaVersion: 'latest',
+    sourceType: 'module'
+  },
+  rules: {
+  }
+}

.github/workflows/dependencies-security-audit.yml

@@ -0,0 +1,25 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+name: "Security audit dependencies"
+on:
+  push:
+    branches: [ master , development ]
+  pull_request:
+    branches: [ master , development]
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Install Ruby and gems
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.7.8
+          bundler-cache: true
+      - name: Security audit dependencies
+        run: bundle exec bundler-audit --update

.github/workflows/js-lint.yml

@@ -0,0 +1,35 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+name: "Lint JS files using eslint"
+
+on:
+  push:
+  pull_request_target:
+    types: [ opened, reopened ]
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v1
+        with:
+          node-version: '16'
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: Run ESLint and generate SARIF output
+        run: yarn lint:report | exit 0
+      - name: Upload SARIF output
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: eslint-results.sarif
+          wait-for-processing: true

.github/workflows/lint-rubocop.yml

@@ -0,0 +1,48 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+name: "Lint Ruby files using Rubocop"
+
+on:
+  push:
+  pull_request_target:
+    types: [ opened, reopened ]
+
+jobs:
+  rubocop:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # If running on a self-hosted runner, check it meets the requirements
+      # listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
+        with:
+          ruby-version: 2.7.8
+
+      # This step is not necessary if you add the gem to your Gemfile
+      - name: Install Code Scanning integration
+        run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install
+
+      - name: Install dependencies
+        run: bundle install
+
+      - name: Rubocop run
+        run: |
+          bash -c "
+            bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif
+            [[ $? -ne 2 ]]
+          "
+
+      - name: Upload Sarif output
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: rubocop.sarif

.github/workflows/tests.yml

@@ -0,0 +1,51 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+name: "Ruby on Rails CI"
+
+on:
+  push:
+  pull_request_target:
+    types: [ opened, reopened ]
+env:
+  API_URL: ${{ secrets.API_URL }}
+  API_KEY: ${{ secrets.API_KEY }}
+  BIOMIXER_URL: ${{ secrets.BIOMIXER_URL }}
+  FAIRNESS_URL: ${{ secrets.FAIRNESS_URL }}
+  ANNOTATOR_URL: ${{ secrets.ANNOTATOR_URL }}
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    services:
+      mysql:
+        image: mysql:latest
+        ports:
+          - "3306:3306"
+        env:
+          MYSQL_ROOT_PASSWORD: 'bp_user'
+      memcached:
+        image: memcached:1.6
+        ports:
+          - 11211:11211
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      # Add or replace dependency steps here
+      - name: Install Ruby and gems
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.7.8
+          bundler-cache: true
+      # Add or replace database setup steps here
+      - name: set up config file
+        run: cp config/database.yml.sample config/database.yml
+      - name: Set up database schema
+        run: RAILS_ENV=test bin/rails db:setup
+      - name: Set up yarn
+        run: yarn install
+      # Add or replace test runners here
+      - name: Run tests
+        run: RAILS_ENV=test bin/rails test -v

Capfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Load DSL and Setup Up Stages
 require 'capistrano/setup'
 
@@ -18,10 +20,10 @@ require 'capistrano/deploy'
 # require 'capistrano/rbenv'
 # require 'capistrano/chruby'
 require 'capistrano/bundler'
-require "capistrano/scm/git"
+require 'capistrano/scm/git'
 install_plugin Capistrano::SCM::Git
-#require 'capistrano/rails/assets'
-#require 'capistrano/rails/migrations'
+# require 'capistrano/rails/assets'
+# require 'capistrano/rails/migrations'
 require 'capistrano/rails'
 require 'capistrano/yarn'
 require 'capistrano/locally'

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.7.5-alpine AS app
+FROM ruby:2.7.8-alpine AS app
 
 WORKDIR /app
 
@@ -17,34 +17,26 @@ RUN apk add --no-cache \
     less \
   && addgroup --gid ${GID} ruby \
   && adduser  -u ${UID} -G ruby -D  ruby \
-  && chown ruby:ruby -R /app \
-  && mkdir /node_modules \
-  && chown ruby:ruby -R /node_modules /app
+  && mkdir /node_modules
 
-USER ruby
-
-COPY --chown=ruby:ruby bin/ ./bin
-RUN chmod 0755 bin/*
+COPY --chown=ruby:ruby Gemfile* ./
+COPY --chown=ruby:ruby package.json *yarn* ./
 
-ARG RAILS_ENV="production"
+# Set ownership and permissions
+RUN chown -R ruby:ruby /app
 
-ENV RAILS_ENV="${RAILS_ENV}" \
-    NODE_ENV="${NODE_ENV}" \
-    PATH="${PATH}:/home/ruby/.local/bin:/node_modules/.bin" \
-    USER="ruby" \
-    BUNDLE_PATH=/usr/local/bundle
+USER ruby
 
-COPY --chown=ruby:ruby Gemfile* ./
+# Install dependencies
 RUN bundle install --jobs "$(nproc)"
-RUN gem install rails 
-
-
+RUN gem install rails
+RUN yarn install
 
 RUN echo "--modules-folder /node_modules" > .yarnrc
-COPY --chown=ruby:ruby package.json *yarn* ./
-RUN yarn install
 
+# Copy application code
+COPY --chown=ruby:ruby . .
 
 EXPOSE 3000
 
-CMD ["sh"]
+CMD ["bash"]

Gemfile

@@ -5,8 +5,8 @@ gem 'rails', '7.0.3'
 
 gem 'jsbundling-rails'
 
-gem 'sassc-rails' #sass-rails replacent
-gem 'terser' #ugilifer replacent
+gem 'sassc-rails' # sass-rails replacent
+gem 'terser' # ugilifer replacent
 
 # See https://github.com/rails/execjs#readme for more supported runtimes
 # gem 'therubyracer', platforms: :ruby
@@ -18,11 +18,9 @@ gem 'jquery-rails'
 gem 'jquery-ui-rails'
 gem 'select2-rails'
 
-
 # The original asset pipeline for Rails [https://github.com/rails/sprockets-rails]
 gem 'sprockets-rails'
 
-
 # Use the Puma web server [https://github.com/puma/puma]
 gem 'puma', '~> 5.0'
 
@@ -36,10 +34,10 @@ gem 'turbo-rails'
 gem 'stimulus-rails'
 
 # Build JSON APIs with ease [https://github.com/rails/jbuilder]
-#gem "jbuilder"
+# gem "jbuilder"
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
-gem 'tzinfo-data', platforms: %i[ mingw mswin x64_mingw jruby ]
+gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby]
 
 # To use ActiveModel has_secure_password
 # gem 'bcrypt-ruby', '~> 3.0.0'
@@ -50,41 +48,42 @@ gem 'bootsnap', require: false
 
 gem 'cube-ruby', require: 'cube'
 gem 'dalli'
+gem 'flag-icons-rails', '~> 3.4'
 gem 'flamegraph'
 gem 'graphql-client'
 gem 'haml', '~> 5.1'
 gem 'i18n'
-gem 'rails-i18n', '~> 7.0.0'
 gem 'iconv'
+gem 'inline_svg'
+gem 'iso-639', '~> 0.3.6'
+gem 'lookbook', '~> 1.5.5'
 gem 'multi_json'
-gem 'mysql2', '0.5.3'
+gem 'mysql2'
 gem 'oj'
+gem 'ontologies_api_client', git: 'https://github.com/ontoportal-lirmm/ontologies_api_ruby_client.git',
+                             branch: 'development'
 gem 'open_uri_redirections'
 gem 'pry'
-gem 'psych', '< 4'
+gem 'psych'
 gem 'rack-mini-profiler'
 gem 'rails_autolink'
+gem 'rails-i18n', '~> 7.0.0'
 gem 'rdoc'
 gem 'recaptcha', '~> 5.9.0'
 gem 'rest-client'
 gem 'stackprof', require: false
 gem 'thin'
-gem 'view_component', '~> 2.72'
 gem 'turnout'
+gem 'view_component', '~> 2.72'
 gem 'will_paginate', '~> 3.0'
-gem 'inline_svg'
-gem "lookbook", '~> 1.5.5'
-gem 'ontologies_api_client', git: 'https://github.com/ontoportal-lirmm/ontologies_api_ruby_client.git', branch: 'development'
-gem "flag-icons-rails", "~> 3.4"
-gem "iso-639", "~> 0.3.6"
 
 # Multi-Provider Authentication
 gem 'omniauth'
-gem "omniauth-rails_csrf_protection"
 gem 'omniauth-github'
 gem 'omniauth-google-oauth2'
-gem 'omniauth-orcid'
 gem 'omniauth-keycloak'
+gem 'omniauth-orcid'
+gem 'omniauth-rails_csrf_protection'
 
 group :staging, :production, :appliance do
   # application monitoring
@@ -106,21 +105,22 @@ group :development do
   gem 'ed25519', '>= 1.2', '< 2.0', require: false # https://github.com/miloserdow/capistrano-deploy/issues/42
   gem 'html2haml'
   gem 'listen'
-  # static code analysis
-  gem 'brakeman', require: false
-  gem 'rubocop', require: false
   # gem 'i18n-debug'
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
-  gem 'debug', platforms: %i[ mri mingw x64_mingw ]
+  gem 'debug', platforms: %i[mri mingw x64_mingw]
 
   # Use console on exceptions pages [https://github.com/rails/web-console]
-  gem 'web-console'
-  gem 'i18n-tasks'
   gem 'deepl-rb'
+  gem 'i18n-tasks'
+  gem 'web-console'
 end
 
 group :test, :development do
+  gem 'brakeman'
   gem 'rspec-rails'
+  gem 'rubocop'
+  gem 'rubocop-rails'
+  gem 'ruby_audit'
 end
 
 group :test do
@@ -130,7 +130,4 @@ group :test do
   gem 'webdrivers'
 end
 
-
-gem "net-ftp", "~> 0.2.0", require: false
-gem "net-http"
-
+gem 'net-ftp', '~> 0.2.0', require: false