@financial-times/rel-engage
v9.3.0
Published
Standardised tools for the reliability engineering team
Downloads
782
Maintainers
Keywords
Readme
@financial-times/rel-engage
Standardised tools for JavaScript projects owned by the Reliability Engineering team. It includes common configuration for linting and formatting of source files, tools to fetch secrets from Vault and solve other commonly tasks.
Getting started
This package is compatible with Node 18+ and is distributed on npm.
The fastest way to get developing with rel-engage
is to run the package via npx:
npx @financial-times/rel-engage
Alternatively you can run the both install steps manually:
# 1. Download and save the package
npm install --save-dev @financial-times/rel-engage
# 2. Run the install command
./node_modules/.bin/rel-engage
As part of the install step several configuration files will be created as well as a new Makefile
. See the commands documentation to find out more.
Commands
After installing rel-engage
a new Makefile
will be added to your project. This provides a number of commands for common tasks, including:
install
to install Node modules and create configuration files.verify
to run linting and formatting tools.clean
to undo all changes and remove files that are not tracked by version control.env
to fetch and save project secrets
To view a list of all commands and their descriptions, run:
make help
Configuration
Each time you run the make install
command provided by this package a number of configuration files will be added to your project if not already present:
- EditorConfig (
.editorconfig
) - provides whitespace settings for your editor when creating new files. - ESLint (
.eslintrc.js
,.eslintignore
) - configuration for linting JavaScript. - Husky (
.huskyrc.js
) - installs and configures Git hooks to run commands before committing and pushing code. - lint-staged (
.lintstagedrc.js
) - configures commands to run only on changed files that will be committed. - Prettier (
.prettierrc.js
,.prettierignore
) - automatic formatting for JavaScript, JSON, YAML, and more.
The created "dotfiles" link to shared configuration provided by this package and do not contain any rules themselves.
These rules should rarely need to be overridden but if you do need to then it's possible to directly modify them, either by using the built in support for the tool (e.g ESLint supports an extends
pattern), or by manually extending the provided JavaScript objects themselves.
Secrets
Project secrets (such as API keys) are stored in Doppler and can be used by executing commands via use of the doppler run --command="..."
.
Secrets in Doppler are stored in projects; one for each system and one for each team's shared secrets.
Secrets for local development
To get started, ensure that you have the doppler-cli installed and configured correctly and that you are in the GLO-OKTA-DOPPLER-ENGINEERING-INSIGHTS
okta group.
Once this is done you should be able to run the doppler login
command. If you run into any problems then you can ask for help on the #reliability-eng Slack channel.
Note the doppler login
only authenticates you with Doppler; it does not allow you to access any secrets.
To access the secrets in your current project you must define a PROJECT_NAME
in your makefile
.
For example:
PROJECT_NAME=biz-ops-route53-importer
Once a PROJECT_NAME
as been defined then you can inject the test
secrets into your local session by running:
make env
If you need to access prod
secrets then use the following:
make env ENV=prod
Secrets on CircleCI
When Doppler credentials are required as part of your CI pipeline these can be retrieved by appending the load_secrets
command from the ft-circleci-orbs/doppler-circleci orb to your workflow jobs:
test:
<<: *default_container_config
steps:
- *attach_workspace
- load_secrets:
config: TEST
- run:
name: Run unit tests
command: make unit-test
Keeping secrets safe
Snyk
Snyk can be used to scan dependencies for security vulnerabilities after installing your project. The Snyk tool will be installed by rel-engage
but to ensure it is protecting your project you'll need to ensure Snyk is able to test and monitor it. To do so run the following command (this may require you to login to Snyk via SSO):
snyk monitor
This will add the snyk
package as a direct dependency of your project. To integrate Snyk as part of your project's CI workflow you can use the Snyk Orb.
Contributing
Requirements
To get started with this project you'll need to make sure you have the following software tools installed.
Please note that Page Kit has only been tested in Mac and Linux environments. If you are on a Mac you may find it easiest to install the Command Line Tools package which includes Git.
Project installation
Clone the project's Git repository and change to the new directory that has been created:
git clone [email protected]:Financial-Times/rel-engage cd rel-engage
Install all of the project dependencies (this may take a few minutes if you are running this for the first time):
make install