From 8164b085233e1108f8df95602d2c14b27f6f4517 Mon Sep 17 00:00:00 2001
From: Daniel Orner
Date: Sat, 23 Nov 2024 21:00:45 -0500
Subject: [PATCH 1/3] Add reminder deadline job and backup RDS
---
app/jobs/backup_db_rds.rb | 25 +++++++++++++++++++
clock.rb | 10 +++++---
lib/tasks/initiate_reminder_deadline_job.rake | 7 ------
3 files changed, 31 insertions(+), 11 deletions(-)
create mode 100644 app/jobs/backup_db_rds.rb
delete mode 100644 lib/tasks/initiate_reminder_deadline_job.rake
diff --git a/app/jobs/backup_db_rds.rb b/app/jobs/backup_db_rds.rb
new file mode 100644
index 0000000000..56e5da2471
--- /dev/null
+++ b/app/jobs/backup_db_rds.rb
@@ -0,0 +1,25 @@
+# to be called from Clock
+module BackupDbRds
+ def run
+ logger = Logger.new(STDOUT)
+ logger.info("Performing dump of the database.")
+
+ current_time = Time.current.strftime("%Y%m%d%H%M%S")
+
+ logger.info("Copying the database...")
+ backup_filename = "#{current_time}.rds.dump"
+ system("PGPASSWORD='#{ENV["DIAPER_DB_PASSWORD"]}' pg_dump -Fc -v --host=#{ENV["DIAPER_DB_HOST"]} --username=#{ENV["DIAPER_DB_USERNAME"]} --dbname=#{ENV["DIAPER_DB_DATABASE"]} -f #{backup_filename}")
+
+ account_name = ENV["AZURE_STORAGE_ACCOUNT_NAME"]
+ account_key = ENV["AZURE_STORAGE_ACCESS_KEY"]
+
+ blob_client = Azure::Storage::Blob::BlobService.create(
+ storage_account_name: account_name,
+ storage_access_key: account_key
+ )
+
+ logger.info("Uploading #{backup_filename}")
+ blob_client.create_block_blob("backups", backup_filename, File.read(backup_filename))
+
+ end
+end
diff --git a/clock.rb b/clock.rb
index 5fad7b561a..0ecdcb81cc 100644
--- a/clock.rb
+++ b/clock.rb
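Review bot: The `system(...)` call in `run` (new file `app/jobs/backup_db_rds.rb`) builds a single shell string from `ENV` values, so the database password ends up in the shell's command line and the host, username and database name reach the shell unquoted. Passing the password through the environment-hash argument of `system` and each option as its own string avoids the shell entirely, as in the fence below. The return value of `system` is also ignored, so a failed `pg_dump` still proceeds to the upload step. Separately, the dump file is never deleted from local disk in this method, and `File.read` loads the whole dump into memory before upload.

```ruby
backup_filename = "#{current_time}.rds.dump"
dump_succeeded = system(
  {"PGPASSWORD" => ENV.fetch("DIAPER_DB_PASSWORD")},
  "pg_dump", "-Fc", "-v",
  "--host=#{ENV.fetch("DIAPER_DB_HOST")}",
  "--username=#{ENV.fetch("DIAPER_DB_USERNAME")}",
  "--dbname=#{ENV.fetch("DIAPER_DB_DATABASE")}",
  "-f", backup_filename
)
raise "pg_dump failed; not uploading #{backup_filename}" unless dump_succeeded
# … unchanged: Azure blob client setup and upload …
```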
@@ -31,9 +31,11 @@ module Clockwork end every(4.hours, "Backup prod DB to Azure blob storage", if: lambda { |_| Rails.env.production? }) do - rake = Rake.application - rake.init - rake.load_rakefile - rake["backup_db_rds"].invoke + BackupDbRds.run end + + every(1.day, "Send reminder emails", at: "12:00", if: lambda { |_| Rails.env.production?}) do + ReminderDeadlineJob.perform_now + end + end diff --git a/lib/tasks/initiate_reminder_deadline_job.rake b/lib/tasks/initiate_reminder_deadline_job.rake deleted file mode 100644 index 45d3a10779..0000000000 --- a/lib/tasks/initiate_reminder_deadline_job.rake +++ /dev/null @@ -1,7 +0,0 @@ -desc "This task is called by the Heroku scheduler add-on to initiate the ReminderDeadlineJob periodically" -task :initiate_reminder_deadline_job => :environment do - puts "Initiating the Reminder Deadline job" - ReminderDeadlineJob.perform_now - - puts "Done!" -end From 3979ff7b82615221a2d9dbebd9f998ee2ec7abed Mon Sep 17 00:00:00 2001 From: Daniel Orner Date: Sun, 24 Nov 2024 09:44:28 -0500 Subject: [PATCH 2/3] Lint + brakeman ignore --- app/jobs/backup_db_rds.rb | 3 +-- clock.rb | 3 +-- config/brakeman.ignore | 32 +++++++++++++++++++++++++++++--- 3 files changed, 31 insertions(+), 7 deletions(-) diff --git a/app/jobs/backup_db_rds.rb b/app/jobs/backup_db_rds.rb index 56e5da2471..9bd6f07eff 100644 --- a/app/jobs/backup_db_rds.rb +++ b/app/jobs/backup_db_rds.rb @@ -1,7 +1,7 @@ # to be called from Clock module BackupDbRds def run - logger = Logger.new(STDOUT) + logger = Logger.new($stdout) logger.info("Performing dump of the database.") current_time = Time.current.strftime("%Y%m%d%H%M%S") @@ -20,6 +20,5 @@ def run logger.info("Uploading #{backup_filename}") blob_client.create_block_blob("backups", backup_filename, File.read(backup_filename)) - end end diff --git a/clock.rb b/clock.rb index 0ecdcb81cc..fcf3e803b4 100644 --- a/clock.rb +++ b/clock.rb 
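Review bot: In the `clock.rb` hunk of patch 1/3, `BackupDbRds.run` calls `run` on the module itself, but the `app/jobs/backup_db_rds.rb` added in the same patch declares it as `def run` inside `module BackupDbRds` with no `self.`, `module_function` or `extend self` visible. As written the call would raise `NoMethodError` when the four-hour backup fires, so no backup would be taken; declaring it as `def self.run` in that file fixes the call site. Both scheduled blocks run their work inline in the clock process, and whether a raised error is reported anywhere depends on Clockwork error handling that is outside this hunk. The `module Clockwork` body starts before the hunk.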
@@ -34,8 +34,7 @@ module Clockwork BackupDbRds.run end - every(1.day, "Send reminder emails", at: "12:00", if: lambda { |_| Rails.env.production?}) do + every(1.day, "Send reminder emails", at: "12:00", if: lambda { |_| Rails.env.production? }) do ReminderDeadlineJob.perform_now end - end diff --git a/config/brakeman.ignore b/config/brakeman.ignore index ac55cf67be..606159e6b3 100644 --- a/config/brakeman.ignore +++ b/config/brakeman.ignore @@ -1,5 +1,28 @@ { "ignored_warnings": [ + { + "warning_type": "Command Injection", + "warning_code": 14, + "fingerprint": "0f98f6aeae590aca0d8eebf04dbd2dcaf4d1252822f138b4bcfe6e03455e5b4a", + "check_name": "Execute", + "message": "Possible command injection", + "file": "app/jobs/backup_db_rds.rb", + "line": 11, + "link": "https://brakemanscanner.org/docs/warning_types/command_injection/", + "code": "system(\"PGPASSWORD='#{ENV[\"DIAPER_DB_PASSWORD\"]}' pg_dump -Fc -v --host=#{ENV[\"DIAPER_DB_HOST\"]} --username=#{ENV[\"DIAPER_DB_USERNAME\"]} --dbname=#{ENV[\"DIAPER_DB_DATABASE\"]} -f #{\"#{Time.current.strftime(\"%Y%m%d%H%M%S\")}.rds.dump\"}\")", + "render_path": null, + "location": { + "type": "method", + "class": "BackupDbRds", + "method": "run" + }, + "user_input": "ENV[\"DIAPER_DB_PASSWORD\"]", + "confidence": "Medium", + "cwe_id": [ + 77 + ], + "note": "" + }, { "warning_type": "Dynamic Render Path", "warning_code": 15, @@ -7,7 +30,7 @@ "check_name": "Render", "message": "Render path contains parameter value", "file": "app/controllers/static_controller.rb", - "line": 25, + "line": 20, "link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/", "code": "render(template => \"static/#{params[:name]}\", {})", "render_path": null, @@ -18,6 +41,9 @@ }, "user_input": "params[:name]", "confidence": "Medium", + "cwe_id": [ + 22 + ], "note": "" }, { 
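Review bot: In the first `config/brakeman.ignore` hunk, the new `Command Injection` entry is added with `"note": ""`, so the ignore file records no reason why the `system` call in `app/jobs/backup_db_rds.rb` is considered safe. The flagged call interpolates `ENV` values into a shell string, so switching it to the argument-list form of `system` would presumably clear the warning rather than suppress it. If the suppression stays, fill in the justification, e.g. `"note": "All interpolated values are deployment-controlled ENV settings; no request data reaches this call."`.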
@@ -41,6 +67,6 @@ "note": "" } ], - "updated": "2021-04-24 20:03:05 -0700", - "brakeman_version": "4.10.1" + "updated": "2024-11-24 09:44:01 -0500", + "brakeman_version": "6.2.1" } From 5be43e4c7b753b3fd029d3bf21edf65875792549 Mon Sep 17 00:00:00 2001 From: Daniel Orner Date: Sun, 24 Nov 2024 10:11:36 -0500 Subject: [PATCH 3/3] Add log --- app/jobs/reminder_deadline_job.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/jobs/reminder_deadline_job.rb b/app/jobs/reminder_deadline_job.rb index 32cd255586..2006d2931c 100644 --- a/app/jobs/reminder_deadline_job.rb +++ b/app/jobs/reminder_deadline_job.rb @@ -7,6 +7,7 @@ class ReminderDeadlineJob < ApplicationJob def perform remind_these_partners = Partners::FetchPartnersToRemindNowService.new.fetch + Rails.logger.info("Partners to remind: #{remind_these_partners.map(&:id)}") remind_these_partners.each do |partner| ReminderDeadlineMailer.notify_deadline(partner).deliver_later