diff --git a/.devcontainer/demo/devcontainer.json b/.devcontainer/demo/devcontainer.json new file mode 100644 index 00000000..e016c8ee --- /dev/null +++ b/.devcontainer/demo/devcontainer.json @@ -0,0 +1,27 @@ +{ + "name": "DejaCode Demo (Codespaces only)", + "dockerComposeFile": "../../docker-compose.demo.yml", + "service": "web", + "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}", + "overrideCommand": false, + "forwardPorts": [8000], + "portsAttributes": { + "8000": { + "label": "DejaCode", + "onAutoForward": "notify" + } + }, + "customizations": { + "codespaces": { + "openFiles": [] + }, + "vscode": { + "settings": { + "chat.disableAIFeatures": true, + "workbench.startupEditor": "none", + "workbench.tips.enabled": false, + "git.openRepositoryInParentFolders": "never" + } + } + } +} diff --git a/.env.demo b/.env.demo new file mode 100644 index 00000000..a6c7b5f9 --- /dev/null +++ b/.env.demo @@ -0,0 +1,24 @@ +POSTGRES_DB=dejacode_demo_db +POSTGRES_USER=dejacode +POSTGRES_PASSWORD=dejacode +POSTGRES_INITDB_ARGS="--encoding=UTF-8 --lc-collate=en_US.UTF-8 --lc-ctype=en_US.UTF-8" + +DATABASE_HOST=db +DATABASE_NAME=dejacode_demo_db +DATABASE_USER=dejacode +DATABASE_PASSWORD=dejacode + +SECRET_KEY=insecure-demo-key +DEJACODE_DEBUG=True +ALLOWED_HOSTS=* +CSRF_TRUSTED_ORIGINS="https://*.app.github.dev,http://localhost:8000" +X_FRAME_OPTIONS=SAMEORIGIN +SECURE_CROSS_ORIGIN_OPENER_POLICY=None + +DEJACODE_ASYNC=False +CLAMD_ENABLED=False + +DJANGO_SUPERUSER_USERNAME=demo +DJANGO_SUPERUSER_EMAIL=demo@example.com +DJANGO_SUPERUSER_PASSWORD=demo +LOGIN_FORM_ALERT='
Username: demo
Password: demo
' diff --git a/README.rst b/README.rst index bee274be..c7057e72 100644 --- a/README.rst +++ b/README.rst @@ -14,6 +14,28 @@ licenses, vulnerabilities, and package provenance and metadata, enabling you to FOSS compliance with enterprise-grade features and integrations for DevOps and software systems. +Try DejaCode in GitHub Codespaces +================================= + +You can try DejaCode instantly in your browser, **without installing anything**, +using GitHub Codespaces. The badge below launches a ready-to-use demo instance: +the application starts automatically, with a demo account already created for you. + +.. image:: https://github.com/codespaces/badge.svg + :target: https://github.com/codespaces/new/aboutcode-org/dejacode?ref=main&devcontainer_path=.devcontainer%2Fdemo%2Fdevcontainer.json&quickstart=true + :alt: Open in GitHub Codespaces + +#. **Click** the badge above and **confirm** the creation of the Codespace. +#. **Wait** for the environment to finish starting. This takes a few minutes the + first time. +#. **Open the app** when the notification offers to. You can also open it anytime + from the **Ports** tab by clicking the globe icon next to port ``8000``. +#. **Log in** with the demo credentials shown on the login page. + +**Note:** + This demo instance is **ephemeral** and meant for evaluation only. Data is not + preserved, and the instance shuts down after a period of inactivity. + Getting Started =============== diff --git a/dejacode/settings.py b/dejacode/settings.py index eb1040cf..fb026ceb 100644 --- a/dejacode/settings.py +++ b/dejacode/settings.py @@ -202,8 +202,8 @@ def gettext_noop(s): SECURE_CROSS_ORIGIN_OPENER_POLICY = env.str( "SECURE_CROSS_ORIGIN_OPENER_POLICY", default="same-origin" ) +X_FRAME_OPTIONS = env.str("X_FRAME_OPTIONS", default="DENY") -X_FRAME_OPTIONS = "DENY" # Note: The CSRF_COOKIE_HTTPONLY cannot be activated yet without breaking all # the AJAX (POST, PUT, etc..) requests, like the annotation system for example. # It will be required to configure the following: diff --git a/docker-compose.demo.yml b/docker-compose.demo.yml new file mode 100644 index 00000000..6ea5fff9 --- /dev/null +++ b/docker-compose.demo.yml @@ -0,0 +1,28 @@ +name: dejacode +services: + db: + image: docker.io/library/postgres:16.13 + env_file: + - .env.demo + volumes: + - ./data/postgresql:/docker-entrypoint-initdb.d/ + shm_size: "1gb" + healthcheck: + test: [ "CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}" ] + interval: 10s + timeout: 5s + retries: 5 + + web: + image: ghcr.io/aboutcode-org/dejacode:latest + command: sh -c " + ./manage.py migrate && + (./manage.py createsuperuser --noinput || true) && + ./manage.py runserver --insecure --skip-checks 0.0.0.0:8000" + env_file: + - .env.demo + ports: + - "8000:8000" + depends_on: + db: + condition: service_healthy