The OWASP ZAP scan GitHub Actions have been updated recently and we need to make sure our GitHub Actions account for the recent changes. This changeset makes sure we are using the latest version of the OWASP ZAP API scan, the correct Docker image, and adjusts the name of the step to accurately reflect what scan is being run.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
I noticed that a previous scan yesterday had referenced the weekly releases under the hood despite being configured for stable.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This PR fixes the dynamic-scan job, which is now failing in our PR checks due to missing environment variables.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset adds the E2E test environment variables to our deployment scripts so that they are accessible to the application and database migrations.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset adjusts our references to the cloud.gov org we are using from gsa-tts-benefits-studio-prototyping to gsa-tts-benefits-studio.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
* Fix ADR issue template
This changeset fixes an issue with the ADR issue template: names must be unique!
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset fixes a few lingering typos and incorrect information in the ADRs and updates them with some final decisions. It also fixes an issue with the ADR creation form for GitHub.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates our ADR documentation to include notes on draft and private ADRs that need to live outside of GitHub. It updates the README with this information and also introduces an "implemented" flag in addition to the ADR status itself. This is reflected in the ADR templates.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset adds two new ADRs:
- ADR-0002: Determine How to Handle Timezones in US Notify
- ADR-0003: Implementing Invite Expirations
It also includes a config.yml file for GitHub that was missing in a previous PR to enable the new ADR issue template and form.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset adds a custom issue template and form for use within GitHub itself to help draft new Architectural Decision Records (ADRs).
Note that we'll still ultimately have to create the actual ADR as a Markdown file that lives in the `doc/adrs/` folder.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
