This application is a front-end application used by staff in HMPPS prisons to view and manage non-associations between offenders.
It is backed by hmpps-non-associations-api.
The application needs a suite of services to work:
- redis – to store user session data
- hmpps-auth – to authenticate users
- nomis-user-roles-api – to authenticate users
- hmpps-non-associations-api – to retrieve non-association information
This application is built for Node.js and docker will be needed to run it locally.
nvm or fnm
can be used to install appropriate node versions, e.g.:
nvm useAdditional tools are required to manage deployment: kubectl and helm.
This is probably the easiest way to run and develop on your machine: by hooking into services that already exist
in the dev environment.
A user account is needed in hmpps-auth with the appropriate roles.
Copy the .env.sample file to .env following the instructions in the file.
Run the application in development mode, in separate shell sessions:
docker compose -f docker-compose-test.yml up
npm run start:devThis will automatically restart it if server code or front-end assets are modified.
TODO: the environment/settings are not properly set up for this application to work without using external services!
It’s prudent to periodically update npm dependencies; continuous integration will occasionally warn when it’s needed. Renovate (similar to dependabot) is set up to try to upgrade npm packages, base docker images, helm charts and CircleCI orbs by raising pull requests.
Continuous integration on CircleCI will always perform the full suite of tests on pull requests and branches pushed to github, but they can be run locally too.
Run unit tests using:
npm test…optionally passing a file path pattern to only run a subset:
npm test -- authorisationMiddlewareRun the full set of headless integration tests, in separate shell sessions:
docker compose -f docker-compose-test.yml up
npm run start-feature
npm run int-testIntegration tests can also be run in development mode with a UI so that assets are rebuilt when modified and tests will re-run:
docker compose -f docker-compose-test.yml up
npm run start-feature:dev
npm run int-test-uiType-checking is performed with:
npm run typecheckPrettier should automatically correct many stylistic errors when changes are committed, but the linter can also be run manually:
npm run lintContinuous integration will regularly perform security checks using nm security audit, trivy and veracode.
The npm audit can be run manually:
npx audit-ci --config audit-ci.jsonThis application is hosted on Cloud Platform
in three environments:
dev (continuously deployed and experimental; for general testing),
preprod (largely matches the live service; for pre-release testing)
and prod (the live service).
The environments are distinct namespaces defined using a combination of kubernetes resources and terraform templates:
A shared HMPPS helm chart forms the basis of releases, setting up a deployment, service, ingress and associated policies and monitoring rules.
See /helm_deploy/.
When the main branch is updated (e.g. when a pull request is merged),
a new version of the application is released to dev automatically by CircleCI.
This release can be promoted to preprod and prod using the CircleCI interface.
See /helm_deploy/README.md for manual deployment steps.
There is a suite of tools used for monitoring deployed applications:
- Kibana – logging
- Azure Application Insights – application profiling and introspection
- Prometheus – application and request metrics
- Alertmanager – alerts based on metrics
- Sentry.io – monitoring of errors and exceptions
The code in this repository uses the MIT licence.