This is a service for recording children vaccinations with the NHS. This version is a prototype used for testing service designs and implementation technology.
| Name | RAILS_ENV |
|---|---|
| Production | production |
| Test | staging |
| Training | staging |
This project depends on:
The instructions below assume you are using asdf to manage the necessary
versions of the above.
We keep track of architecture decisions in Architecture Decision Records (ADRs).
We use rladr to generate the boilerplate for new records:
bin/bundle exec rladr new titleThis project uses asdf. Use the following to install the required tools:
# Install dependencies
brew install gcc readline zlib curl ossp-uuid # Mac-specific
export HOMEBREW_PREFIX=/opt/homebrew # Mac-specific
# The first time
brew install asdf # Mac-specific
asdf plugin add aws-copilot
asdf plugin add awscli
asdf plugin add nodejs
asdf plugin add postgres
asdf plugin add ruby
asdf plugin add yarn
# To install (or update, following a change to .tool-versions)
asdf installWhen installing the pg gem, bundle changes directory outside of this
project directory, causing it lose track of which version of postgres has
been selected in the project's .tool-versions file. To ensure the pg gem
installs correctly, you'll want to set the version of postgres that asdf
will use:
# Temporarily set the version of postgres to use to build the pg gem
ASDF_POSTGRES_VERSION=13.5 bundle installAfter installing Postgres via asdf, run the database in the background, and
connect to it to create a user:
$ pg_ctl start
$ psql -U postgres -c "CREATE USER $(whoami); ALTER USER $(whoami) WITH SUPERUSER;"To set the project up locally:
bin/setup
bin/devIf you encounter:
No yarn executable found for nodejs 22.5.1You need to reshim nodejs:
asdf reshim nodejsTo run the linters:
bin/lintsolargraph is bundled as part of the development dependencies. You need to set it up for your editor, and then run this command to index your local bundle (re-run if/when we install new dependencies and you want completion):
bin/bundle exec yard gemsYou'll also need to configure your editor's solargraph plugin to
useBundler:
+ "solargraph.useBundler": true,The script bin/db is included to start up PostgreSQL for setups that don't use
system-started services, such as asdf which is our default. Note that this is
meant to be a handy script to manage PostgreSQL, not run a console like rails db
does.
$ bin/db
pg_ctl: no server running
$ bin/db start
waiting for server to start.... done
server started
$ bin/db
pg_ctl: server is running (PID: 79113)
/Users/misaka/.asdf/installs/postgres/13.5/bin/postgres
This script attempts to be installation agnostic by relying on pg_config to
determine postgres's installation directory and setting up logging accordingly.
This application comes with a Procfile.dev for use with foreman in
development environments. Use the script bin/dev to run it:
$ bin/dev
13:07:31 web.1 | started with pid 73965
13:07:31 css.1 | started with pid 73966
13:07:31 js.1 | started with pid 73967
...TTY echo can get mangled when using binding.pry in bin/dev. To work around
this, you can run rails s directly if you're not working with any JS or CSS
assets.
Alternatively, you can install tmux and
overmind which
is compatible with our Procfile.dev:
$ overmind start -f Procfile.dev
$ overmind connect webTo run the Rails tests:
bin/bundle exec rspecTo run the JS unit tests:
yarn testTo run the Playwright end to end tests use:
yarn test:e2eTo generate tests interactively by clicking in a live browser:
yarn playwright codegen http://localhost:4000To run the load tests:
USERNAME=username PASSWORD=password SESSION=slug yarn test:load --target=http://test.mavistesting.comYou can generate an example programme with a few sessions in development by visiting /reset.
You can add a new user to an environment using the users:create rake task:
rails users:create['[email protected]','password123','John Doe',1]
ViewComponent previews are enabled in development and test environments. In development, they are here:
http://localhost:4000/rails/view_components
The previews are defined in spec/components/previews.
This app can be deployed to AWS using AWS Copilot. Once authenticated, you can run:
$ bin/deploy testSee docs/aws-copilot.md for more information.
When developing locally, emails are sent using the :file delivery method, and
logged to STDOUT.
If you want to use Notify, you'll need to set up a test API key, and then set
up a config/settings/development.local.yml file:
govuk_notify:
enabled: true
test_key: YOUR_KEY_HEREYou should set it to enabled: false when you're done testing Notify locally,
because it's easier to work offline without it.
GOV.UK Notify can store reply-to email addresses and use them when sending mail. Once you've added the reply-to email in GOV.UK Notify, get the UUID and add it to the organisation.
This service uses NHS's CIS2 Care Identity Authentication service to perform OIDC authentication for users.
You can retrieve the issuer URL from the appropriate endpoint listed on [CIS2 Guidance Discovery page] (https://digital.nhs.uk/services/care-identity-service/applications-and-services/cis2-authentication/guidance-for-developers/detailed-guidance/discovery) (note: the dev env is being deprecated and will be removed):
$ curl -s https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/.well-known/openid-configuration | jq .issuer
"https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare"Clients can be configured via CIS2 Connection Manager, please contact other organisation members to get the details for that. Mavis can use either a client secret or a private key JWT when authenticating requests to CIS2, these are configured with the Connection Manager too.
Once you've created a client config, put the client_id and
secret/private_key into your local settings and ensure cis2 is enabled. For
deployed environments these parameters need to be places into our AWS parameter
store and are environment-specific. Here's an example of a full settings section
using a client_secret:
cis2:
enabled: true
issuer: https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcareopenam/oauth2/realms/root/realms/oidc"
client_id: # Only include for local settings, otherwise populate in AWS parameter store
secret: # Only include for local settings, otherwise populate in AWS parameter storeWhen configuring a new private_key for production, for example (which must
have it's own key), you'll need to add the public key PEM to PagesController#jwks
so that it can be served out from the /oidc/jwks endpoint. CIS2 will use this
to decrypt JWKs when using the private_key_jwk authentication method. These
keys should be rotated on a regular basis.
clinics:create[name,address,town,postcode,ods_code,organisation_ods_code]schools:add_to_organisation[ods_code,team_name,urn,...]organisations:create_hpv[email,name,phone,ods_code,privacy_policy_url,reply_to_id]teams:create[ods_code,name,email,phone]users:create[email,password,given_name,family_name,organisation_ods_code]vaccines:seed[type]
See the Rake tasks documentation for more information.
Mavis connects to the NHS MESH (Message Exchange for Social Care and Health) to send data to DPS for upstream reporting of vaccination records.
See the MESH documentation for more information.
Mavis is also configured to connect to PDS to retrieve patient information such as NHS numbers.
See the PDS documentation for more information.
MIT.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
