Merge branch 'develop' into 2369-quality-checks-across-TANF-section1

.circleci/config.yml

@@ -79,6 +79,7 @@ workflows:
           filters:
             branches:
               only:
+                - develop
                 - main
                 - master
                 - /^release.*/      

.github/workflows/deploy-develop-on-merge.yml

@@ -45,4 +45,8 @@ jobs:
         user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }}
         project-slug: ${{ github.repository }}
         branch: ${{ github.ref_name }}
-        payload: '{"develop_branch_deploy": true, "target_env": "develop"}'
+        payload: '{
+          "develop_branch_deploy": true,
+          "target_env": "develop",
+          "triggered": true
+        }'

.github/workflows/deploy-on-label.yml

@@ -66,4 +66,8 @@ jobs:
         user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }}
         project-slug: ${{ github.repository }}
         branch: ${{ github.head_ref }}
-        payload: '{"run_dev_deployment": true, "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}"}'
+        payload: '{
+          "run_dev_deployment": true,
+          "target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}",
+          "triggered": true
+        }'

.github/workflows/qasp-owasp-scan.yml

@@ -34,5 +34,6 @@ jobs:
         branch: ${{ github.head_ref }}
         payload: |
           {
-            "run_owasp_scan": ${{ env.HAS_QASP_LABEL }}
+            "run_owasp_scan": ${{ env.HAS_QASP_LABEL }},
+            "triggered": true
           }

docs/Sprint-Review/sprint-75-summary.md

@@ -0,0 +1,49 @@
+# Sprint 75 Summary
+
+06/06/23 - 06/20/23
+
+Velocity: Dev (1)
+
+## Sprint Goal
+* Continue parsing engine development for Section 1 and close out integration test epic (310). 
+* UX to continue STT onboarding (focusing on onboarding CyberFusion users), errors research synthesis,  copy for e-mail notification of data submission and errors/transmission reports - 2559
+* DevOps to resolve utility images for CircleCI and container registry and close out path filtering for CI builds
+
+
+
+## Tickets
+### Completed/Merged
+* [2550 Deactivation warning emails are missing e-mail links in staging](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2550)
+
+
+### Ready to Merge
+* N/A
+
+### Submitted (QASP Review, OCIO Review)
+* N/A
+
+### Closed (not merged)
+* N/A
+
+## Moved to Next Sprint (In Progress, Blocked, Raft Review)
+
+### In Progress
+* [#1610 As a user, I need information about the acceptance of my data and a link for the error report](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1610)
+* [#1613 As a developer, I need parsed file meta data (TANF Section 1)](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/board)
+* [#2369 As tech lead, we need the parsing engine to run quailty checks across TANF section 1](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2369)
+* [#2282 As tech lead, I want a file upload integration test](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2282)
+* [#2116 Container Registry Creation](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2116)
+
+### Blocked
+* [#2115 [DevOps] Create utility image(s) for CircleCI pipeline](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2115)
+
+### Raft Review
+* [#2563 Assess OWASP scan accuracy and URL filter](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2563)
+* [#2551 [Bug] - All users are not returned in API response](https://](https://app.zenhub.com/workspaces/product-board-5f2c6cdc7c0bb1001bdc43a5/issues/gh/raft-tech/tanf-app/2551))
+* [#2564 Adjust TANF and SSP Section 1 item numbers](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2564)
+* [#2457 Path filtering for CI Builds](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2457)
+* [#2486 Parser Performance](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2486)
+* [#2521 - Update cflinuxfs4](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2521)
+* [#2516 Errors Research Synthesis ](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2516)
+
+

docs/Sprint-Review/sprint-76-summary.md

@@ -0,0 +1,54 @@
+# Sprint 76 Summary
+
+06/21/23 - 07/04/23
+
+Velocity: Dev (17)
+
+## Sprint Goal
+* Continue parsing engine development for Section 1 and close out integration test epic (310). 
+* UX errors template, follow-on research, onboarding
+* DevOps to resolve utility images for CircleCI and container registry and close out path filtering for CI builds
+
+
+
+## Tickets
+### Completed/Merged
+* [#2563 Assess OWASP scan accuracy and URL filter](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2563)
+* [#2564 Adjust TANF and SSP Section 1 item numbers](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2564)
+* [#2521 - Update cflinuxfs4](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2521)
+* [#2551 [Bug] - All users are not returned in API response](https://](https://app.zenhub.com/workspaces/product-board-5f2c6cdc7c0bb1001bdc43a5/issues/gh/raft-tech/tanf-app/2551))
+* [#2457 Path filtering for CI Builds](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2457)
+* [#2516 Errors Research Synthesis ](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2516)
+* [#2527 Error Research informed excel prototype](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2527)
+
+
+### Ready to Merge
+* N/A
+
+### Submitted (QASP Review, OCIO Review)
+* N/A
+
+### Closed (not merged)
+* N/A
+
+## Moved to Next Sprint (Blocked, Raft Review, In Progress, Current Sprint Backlog)
+### In Progress
+* [#1613 As a developer, I need parsed file meta data (TANF Section 1)](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/board)
+* [#1784 - Email Relay](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1784)
+* [#2347 decouple backend apps spike](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2347)
+* [#2369 As tech lead, we need the parsing engine to run quailty checks across TANF section 1](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2369)
+* [#2598 HHS Staging Deployment Failure](https://app.zenhub.com/workspaces/product-board-5f2c6cdc7c0bb1001bdc43a5/issues/gh/raft-tech/tanf-app/2598)
+* [#2116 Container Registry Creation](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2116)
+* [#2486 Parser Performance](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2486)
+* [#2282 As tech lead, I want a file upload integration test](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2282)
+
+
+### Blocked
+* [#1610 As a user, I need information about the acceptance of my data and a link for the error report](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/1610)
+
+
+### Raft Review
+* [#2369 As tech lead, we need the parsing engine to run quailty checks across TANF section 1](https://app.zenhub.com/workspaces/sprint-board-5f18ab06dfd91c000f7e682e/issues/gh/raft-tech/tanf-app/2369)
+
+
+

scripts/zap-scanner.sh

@@ -59,15 +59,91 @@ ZAP_CLI_OPTIONS="\
   -config globalexcludeurl.url_list.url\(0\).regex='.*/robots\.txt.*' \
   -config globalexcludeurl.url_list.url\(0\).description='Exclude robots.txt' \
   -config globalexcludeurl.url_list.url\(0\).enabled=true \
+
   -config globalexcludeurl.url_list.url\(1\).regex='^https?://.*\.cdn\.mozilla\.(?:com|org|net)/.*$' \
   -config globalexcludeurl.url_list.url\(1\).description='Site - Mozilla CDN (requests such as getpocket)' \
   -config globalexcludeurl.url_list.url\(1\).enabled=true \
+
   -config globalexcludeurl.url_list.url\(2\).regex='^https?://.*\.amazonaws\.(?:com|org|net)/.*$' \
   -config globalexcludeurl.url_list.url\(2\).description='TDP S3 buckets' \
   -config globalexcludeurl.url_list.url\(2\).enabled=true \
-  -config globalexcludeurl.url_list.url\(3\).regex='^https:\/\/.*\.acf.hhs.gov\/v1\/login\/.*$' \
-  -config globalexcludeurl.url_list.url\(3\).description='Site - identity pages' \
+
+  -config globalexcludeurl.url_list.url\(3\).regex='^https:\/\/.*\.hhs.gov\/.*$' \
+  -config globalexcludeurl.url_list.url\(3\).description='Site - acf.hhs.gov' \
   -config globalexcludeurl.url_list.url\(3\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(4\).regex='^https:\/\/.*\.google.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(4\).description='Site - Google.com' \
+  -config globalexcludeurl.url_list.url\(4\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(5\).regex='^https:\/\/.*\.youtube.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(5\).description='Site - youtube.com' \
+  -config globalexcludeurl.url_list.url\(5\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(6\).regex='^https:\/\/.*\.monsido.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(6\).description='Site - monsido.com' \
+  -config globalexcludeurl.url_list.url\(6\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(7\).regex='^https:\/\/.*\.crazyegg.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(7\).description='Site - crazyegg.com' \
+  -config globalexcludeurl.url_list.url\(7\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(8\).regex='^https:\/\/.*\.gstatic.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(8\).description='Site - gstatic.com' \
+  -config globalexcludeurl.url_list.url\(8\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(9\).regex='^https:\/\/.*\.googleapis.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(9\).description='Site - GoogleAPIs.com' \
+  -config globalexcludeurl.url_list.url\(9\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(10\).regex='^https:\/\/.*\.crazyegg.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(10\).description='Site - CrazyEgg.com' \
+  -config globalexcludeurl.url_list.url\(10\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(11\).regex='^https:\/\/.*\.doubleclick.net\/.*$' \
+  -config globalexcludeurl.url_list.url\(11\).description='Site - DoubleClick.net' \
+  -config globalexcludeurl.url_list.url\(11\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(12\).regex='^https:\/\/.*unpkg.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(12\).description='Site - Unpkg.com' \
+  -config globalexcludeurl.url_list.url\(12\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(13\).regex='^https:\/\/.*\.readspeaker.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(13\).description='Site - ReadSpeaker.com' \
+  -config globalexcludeurl.url_list.url\(13\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(14\).regex='^https:\/\/.*\.fontawesome.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(14\).description='Site - FontAwesome.com' \
+  -config globalexcludeurl.url_list.url\(14\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(15\).regex='^https:\/\/.*\.cloud.gov\/.*$' \
+  -config globalexcludeurl.url_list.url\(15\).description='Site - Cloud.gov' \
+  -config globalexcludeurl.url_list.url\(15\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(16\).regex='^https:\/\/.*\.googletagmanager.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(16\).description='Site - googletagmanager.com' \
+  -config globalexcludeurl.url_list.url\(16\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(17\).regex='^https:\/\/.*\.cloudflare.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(17\).description='Site - CloudFlare.com' \
+  -config globalexcludeurl.url_list.url\(17\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(18\).regex='^https:\/\/.*\.google-analytics.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(18\).description='Site - Google-Analytics.com' \
+  -config globalexcludeurl.url_list.url\(18\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(19\).regex='^https:\/\/.*\.googletagmanager.com\/.*$' \
+  -config globalexcludeurl.url_list.url\(19\).description='Site - googletagmanager.com' \
+  -config globalexcludeurl.url_list.url\(19\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(20\).regex='^https:\/\/.*\.digitalgov.gov\/.*$' \
+  -config globalexcludeurl.url_list.url\(20\).description='Site - DigitalGov.gov' \
+  -config globalexcludeurl.url_list.url\(20\).enabled=true \
+
+  -config globalexcludeurl.url_list.url\(21\).regex='^https:\/\/.*\.identitysandbox.gov\/.*$' \
+  -config globalexcludeurl.url_list.url\(21\).description='Site - IdentitySandbox.gov' \
+  -config globalexcludeurl.url_list.url\(21\).enabled=true \
+
   -config spider.postform=true"
 
 # How long ZAP will crawl the app with the spider process