django-template

This script will create a new Django project using various defaults for US government websites.

Use for new project

1. Run pipenv install
2. Run pipenv run python 18f_django_template.py

Available Options

If any of these options are not provided on the command line, then you will be prompted for them interactively.

• --app-name=<new-application-name>: This is used as the name of the new application's directory and a Python identifier is derived from it and used as the name of the new Django app inside that directory.

• --uswds/--no-uswds: For application's that don't have an HTML frontend, you can specify --no-uswds to not install the US Web Design System (USWDS). If you do choose to install USWDS, then you will need to have Node.js/npm installed locally for the installation.

• --circleci/--no-circleci: Configure continuous integration with the CircleCI service (or not). The resulting project will have a .circleci/config.yml file.

• --github-actions/--no-github-actions: Configure continuous integration with Github Actions. The resulting project will have .github/actions and .github/workflows directories.

What 18f_django_template.py does

1. Create a better default README
2. Copy CONTRIBUTING.md and LICENSE.md from the 18F Open Source Policy repo
3. Create a "near-production" ci django environment, used for running a11y and security scans
4. Create a "near-production" staging django environment, used for cloud.gov staging environment, with a "TEST SITE" warning banner
5. Create a .nvmrc file for specifying the NodeJS version in use
6. Set up pa11y-ci for a11y scanning
7. Set up OWASP ZAP dynamic security scanning
8. Include django-csp package and configure CSP header to get OWASP passing by default
9. Install and configure bandit for static security scanning
10. Install bundler-audit and set up bundle:audit rake task for Ruby dependency security scans
11. Install flake8 for python linting
12. Install black for python formatting
13. Install django-webtest for unit testing
14. Install coverage.py for coverage reporting
15. Create a separate production credentials file.
16. Create a pre-commit hook that can be used to automatically run black, flake8 and bandit
17. Setup USWDS via postcss
18. Update templates/base.html include the USWDS Banner
19. Create boundary and logical data model compliance diagrams
20. Create manifest.yml and variable files for cloud.gov deployment
21. Optionally create Github Actions workflows for testing and cloud.gov deploy
22. Optionally create terraform modules supporting staging & production cloud.gov spaces
23. Optionally create CircleCI workflows for testing and cloud.gov deploy
24. Optionally create a New Relic config with FEDRAMP-specific host
25. Optionally configure DAP (Digital Analytics Program)
26. Create Architecture Decision Records for above setup
27. Commit the resulting project with git (unless --skip-git is passed)

Development

To run the test suite, run pipenv install --dev and then pipenv run pytest from this repository directory. Make sure you have npm and docker installed as some tests require them.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/18f/django-template. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the code of conduct.

Code of Conduct

Everyone interacting in the 18F Django Template project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.