NOTE: This repo has been archived. Phil has been moved into MyCharlie (mbta/my_charlie). All features related to fulfillment and card adminstration are being added to MyCharlie.
Phil is a backoffice-facing application used to manage card/pass fulfillment concerns.
Product scope for Phil is documented in Notion here.
-
PostgreSQL (check the currently used version here), installed as you prefer:
- via Postgres.app (on macOS)
- via Homebrew (on macOS)
- directly installed
- via Docker
-
If not available via your PostgreSQL install,
libpq
via Homebrew:brew install libpq
(providespsql
,pg_dump
, and other PostgreSQL client CLI utilities) -
asdf, with plugins for:
-
Update your
/etc/hosts
file (usingsudo
mode) to create aphil.localhost
hostname by adding the following lines at the bottom:# Phil for SSO setup with Keycloak in dev 127.0.0.1 phil.localhost
This is necessary because Keycloak is setup to route back to
phil.localhost
for dev use. -
Copy the
.envrc.template
file to.envrc
, and update values in that new file with the correct information. -
Setup direnv to automatically read the
.envrc
file.- Install via Homebrew:
brew install direnv
- You will want to hook
direnv
into your shell. For example, forzsh
, add the following lines to your.zshrc
:
# Setup direnv shell integration eval "$(direnv hook zsh)"
- You may also need to run
direnv allow
from the repo root if you get a message saying the file is blocked. This happens the first time you use it, and when the.envrc
file changes.
- Install via Homebrew:
- Run
asdf install
to get the correct language/tool versions via the.tool-versions
file - Run
mix setup
to install and setup dependencies and database
- Start the Phoenix server:
- Directly with
mix phx.server
- Inside IEx with
iex -S mix phx.server
- Directly with
- Visit
phil.localhost:4001
from your browser
Run tests with mix test
Run formatting and code analysis with the following:
- Run code formatting with
mix format
- Run a full compile with
mix compile --force --all-warnings
- Run linting with
mix credo --strict
- Run static analysis with
mix dialyzer --quiet
- Run security analysis with
mix sobelow --skip --verbose --ignore Config.HTTPS
Note: all of these can be run in sequence with one command: mix check
In deployed environments, we use the Plug.SSL
plug to automatically redirect HTTP traffic to HTTPS.
While Phoenix does not terminate the SSL, it uses the x-forwarded-proto
request header to verify
HTTPS traffic from the ALB. In development environments, we are setup to use self-signed certs to mimic
HTTPS handling, but that termination is done by Phoenix directly.
If you want to test things like the /_health
endpoint, which is excluded from HTTPS redirects
intentionally, you'll need to enable an HTTP listener on another port, and use that port to test it
locally. For that to work, you'll also need to disable the :redirect_http?
config flag (to false
).
You can see commented lines in config/dev.exs
that enable this.
If you want to test HTTPS redirect behavior, you'll need to have an HTTP listener on a separate port,
and you'll need to either provide or not provide the x-forwarded-proto
header with a protocol value
of https
to govern whether the traffic is coming from an HTTPS source or not. With the appropriate
header, traffic should go through as expected; without it, traffic should be redirected with a 301.
Deployment is managed via Github Actions CI workflow Deploy to Dev.
- All merges to
main
branch are automatically deployed to thestaging
environment. - Deploys to
staging
,dev-red
anddev-green
environments can also be accomplished by manually kicking off a CI run of Deploy to Dev in the Github Actions tab.
If you're thinking of contributing to this repo, please take a look at our code of conduct and the contributing guidelines to get started.