Feat/build model graph

.github/workflows/generate_erd.yml

@@ -0,0 +1,78 @@
+name: Generate Models Graph
+
+on:
+  push:
+    paths:
+      - "backend/apps/**/models/**"
+      - "pyproject.toml"
+      - "README.md"
+  workflow_dispatch:
+
+jobs:
+  generate-model-graph:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.13"
+
+      - name: Install Poetry
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+
+      - name: Install system dependencies
+        run: |
+          sudo apt update
+          sudo apt install -y graphviz
+
+      - name: Create and Populate .env File
+        run: |
+          touch backend/.env  # Ensure the file exists
+          echo "DJANGO_SENTRY_DSN=${{ secrets.DJANGO_SENTRY_DSN }}" >> backend/.env
+          echo "DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" >> backend/.env
+          echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> backend/.env
+          echo "DJANGO_CONFIGURATION=Test" >> backend/.env
+          echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> backend/.env
+          echo "DJANGO_DB_PASSWORD=${{ secrets.DJANGO_DB_PASSWORD }}" >> backend/.env
+          echo "DJANGO_ALLOWED_HOSTS=*" >> backend/.env  # Example of a non-secret variable
+
+      - name: Debug .env file
+        run: |
+          ls -la backend  # Check if the .env file exists
+          cat backend/.env | grep -v DJANGO_DB_PASSWORD | grep -v DJANGO_SECRET_KEY
+
+      - name: Prepare secrets
+        run: |
+          echo "DJANGO_SENTRY_DSN=${{ secrets.DJANGO_SENTRY_DSN }}" >> .env.backend
+          echo "DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" >> backend/.env.backend
+          echo "DJANGO_SETTINGS_MODULE=settings.test" >> backend/.env.backend
+          echo "DJANGO_CONFIGURATION=Test"
+          echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> backend/.env
+          echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> backend/.env.backend
+
+      - name: Install dependencies
+        run: |
+          cd backend
+          export $(grep -v '^#' .env.backend | xargs)
+          poetry install --no-interaction --no-root --with dev
+          poetry add pydotplus  # Ensure pydotplus is installed
+
+      - name: Generate Models Graph
+        run: |
+          cd backend
+          set -a
+          source .env.backend
+          set +a
+          poetry run python manage.py graph_models -a -g -o backend_models.png
+
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: backend-models-graph
+          path: backend/backend_models.png

README.md

@@ -53,6 +53,14 @@ OWASP Nest thrives on community contributions. Whether you are a developer, desi
 - Issue Reporting: Identify and report bugs or suggest improvements.
 - Engagement: Share feedback, participate in discussions, or promote the project in your network.
 
+## Django Models Graph
+
+The following is an auto-generated visualization of our Django models:
+
+![Django Models Graph](backend/backend_models.png)
+
+
+
 To get started, visit the [OWASP Nest Repository](https://github.com/OWASP/Nest), explore the [Contributing Guidelines](https://github.com/OWASP/Nest/blob/main/CONTRIBUTING.md), and [Code of Conduct](https://github.com/OWASP/Nest/blob/main/CODE_OF_CONDUCT.md).
 
 ## About

backend/manage.py

@@ -6,8 +6,10 @@
 import sys
 
 if __name__ == "__main__":
-    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "settings.local")
-    os.environ.setdefault("DJANGO_CONFIGURATION", "Local")
+    os.environ.setdefault(
+        "DJANGO_SETTINGS_MODULE", os.getenv("DJANGO_SETTINGS_MODULE", "settings.test")
+    )
+    os.environ.setdefault("DJANGO_CONFIGURATION", os.getenv("DJANGO_CONFIGURATION", "Test"))
 
     from configurations.management import execute_from_command_line
 

backend/pyproject.toml

@@ -47,10 +47,13 @@ slack-bolt = "^1.22.0"
 
 
 [tool.poetry.group.dev.dependencies]
+django-extensions = "^3.2.3"
+pydotplus = "^2.0.2"
 djlint = "^1.36.4"
 pre-commit = "^4.1.0"
 ruff = "^0.9.5"
 
+
 [tool.poetry.group.test.dependencies]
 pytest = "^8.3.4"
 pytest-cov = "^6.0"

backend/settings/base.py

@@ -185,7 +185,7 @@ class Base(Configuration):
     DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
     # SECURITY WARNING: keep the secret key used in production secret!
-    SECRET_KEY = values.SecretValue()
+    SECRET_KEY = values.Value()
 
     # https://docs.djangoproject.com/en/5.1/ref/settings/#data-upload-max-number-fields
     DATA_UPLOAD_MAX_NUMBER_FIELDS = 5000

backend/settings/local.py

@@ -15,3 +15,5 @@ class Local(Base):
     LOGGING = {}
     SLACK_COMMANDS_ENABLED = True
     SLACK_EVENTS_ENABLED = True
+
+    INSTALLED_APPS = ("django_extensions",)

backend/settings/test.py

@@ -7,3 +7,6 @@ class Test(Base):
     """Test configuration."""
 
     DEBUG = False
+
+
+INSTALLED_APPS = ("django_extensions",)