Skip to content

Deploy RC 320 to prod#9321

Merged
jmhooper merged 14 commits intostages/prodfrom
stages/rc-2023-10-05
Oct 5, 2023
Merged

Deploy RC 320 to prod#9321
jmhooper merged 14 commits intostages/prodfrom
stages/rc-2023-10-05

Conversation

@jmhooper
Copy link
Contributor

@jmhooper jmhooper commented Oct 5, 2023
edited by soniaconnolly
Loading

User-Facing Improvements

  • Banner: Update flag image to match design system guidance (#9311)
  • Reporting: Adding automated weekly authentication report job (#9295)

Bug Fixes

  • Identity Verification: Fix redo of hybrid document capture and barcode read error acceptance (#9256)
  • MFA Setup: Fix issue preventing user from reauthenticating with an existing MFA method when adding a new method for strict AAL2 request (#9304)

Internal

  • Code Quality: Remove feature flag associated with second MFA reminder (#9228)
  • Continuous Integration: Add secret scanning job (#9296)
  • Dependencies: Update dependencies to latest versions (#9298, #9306, #9307)
  • Logging: Add account reactivation event logging (#9301)
  • Reporting: Reorganize Individual Metric Reports (#9299)
  • Reporting: Update billing logic for AAMVA (#9314)

aduth and others added 14 commits October 3, 2023 10:44
@aduth
LG-10022: Remove feature flag for second MFA reminder (#9228)
e550c5f 
changelog: Internal, Code Quality, Remove feature flag associated with second MFA reminder
Add account reactivation event logging (#9301)
f4c88d4 
* Add account reactivation event logging

changelog: Internal, Logging, Add account reactivation event logging

* fix typo
@aduth
Upgrade identity-design-system to v8.0.0 (#9298)
7ee3960 
changelog: Internal, Dependencies, Update dependencies to latest versions
@aduth
Update SVGO to v3.x (#9306)
11f038a 
* Upgrade SVGO to 3.x

changelog: Internal, Dependencies, Update dependencies to latest version

* Re-optimize assets

* Enable type-checking for root JS files
@ThatSpaceGuy @zachmargolis
LG-11116 Refactor Report Building (#9299)
c29b44d 
* LG-11116 Refactor Report Building

changelog: Internal, Reporting, Reorganize Individual Metric Reports

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
@aduth
Upgrade TypeScript to 5.2 (#9307)
35ccc55 
* Upgrade TypeScript to 5.2

changelog: Internal, Dependencies, Update dependencies to latest versions

* Upgrade @typescript-eslint/parser
@matthinz
(2/3) Rename ial2_consent_given -> idv_consent_given (#9287)
b099962 
Follow-on to #9286, removing references to ial2_consent_given from the frontend.

[skip changelog]
@Sgtpluck @zachmargolis
LG-10040 automate ial1 funnel report (#9295)
794448c 
changelog: User-Facing Improvements, Reporting, Adding automated weekly authentication report job
---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
@amirbey @soniaconnolly
LG-11012: redo document capture bug fixes (#9256)
6e9cca8 
* Failing spec for hybrid_flow barcode error (redo document capture)

* Add the rest of a hybrid_mobile redo document capture spec (untested)

* redo hybrid doc capture fixed

* hybrid document capture controller determine reload of document

* fix tests

* LG-11012

changelog: Bug Fixes, Identity Verification, fix redo of hybrid document capture and barcode read error acceptance

* resave document capture session

* rename document capture session result created_at to captured_at

* add captured_at attr to DocumentCaptureSessionResult in spec

* confirm_ocr refactor

* add tests for confirming hybrid document capture needed

* unset redo_document_capture in idv_session during hybrid

* unsets redo document capture in idv session with successful doc auth

* ensure hybrid doc capture can occur after successful standard doc capture

* test redo document hybrid after doc auth desktop

* guard no longer needed

* happy linting

* remove unused store_doc_auth_result

* move confirm_ocr to document capture session and call in standard flow

* create doc cap session for doc cap controller spec

* make sessio result private

* create new session result for every doc auth response

* fix init assignment

* test that a new result is created when a doc auth is result is stored in doc cap session

* happy linting

* undo session_result changes

* add test to verify failed images are retained in document capture session

* remove unused variable assignment

* Update app/controllers/idv/hybrid_mobile/document_capture_controller.rb

Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>

* happy linting

* reset idv_sesson.redo_document capture in link_sent#update

* test that pii pon verify _info is changesd upon redo_document_capture

* fix text check

* barcode attention if not redoing document capture

* happy linting

* add guard for document_capture_session requested at

* remove unused new_session_result method

* Update app/controllers/idv/document_capture_controller.rb

Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>

* add pii value checks to document capture orig on desktop and redo on mobile

* guard incase barcode attention doc auth occurred before the release ad captured_at not yet stored in redis

---------

Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>
@soniaconnolly
LG-11122 add gitlab secret scanning (#9296)
b2e13d9 
* Add secret scanning job

changelog: Internal, Continuous Integration, Add secret scanning job

* check all commits since target branch

* Add SECRET_DETECTION_REPORT_FILE

Per suggestion at: https://forum.gitlab.com/t/fail-the-pipeline-if-secret-detection-finds-vulnerabilities/56950/7

* Analyze secret_detection file to make job fail if there are vulnerabilities

From: https://forum.gitlab.com/t/fail-the-pipeline-if-secret-detection-finds-vulnerabilities/56950/5

---------

Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov>
@zachmargolis
Update AAMVA billing logic (LG-11089) (#9314)
f2efbd7 
- "UnsupportedJurisdiction" means "we did not make a request to AAMVA
  because they don't support this jurisdiction" so they could not have
  charged us for that

changelog: Internal, Reporting, Update billing logic for AAMVA

* Bring back descriptive comment
@aduth
Update banner flag to optimized SVG matching USWDS (#9311)
94279c5 
* Update banner flag to optimized SVG matching USWDS

changelog: User-Facing Improvements, Banner, Update flag image to match design system guidance

* Trim whitespace
@aduth
LG-11110: Allow user to reauthenticate with any MFA method in strict …
734e0b8 
…AAL2 setup (#9304)

* LG-11110: Allow user to reauthenticate with any MFA method

changelog: Bug Fixes, MFA Setup, Fix issue preventing user from reauthenticating with an existing MFA method when adding a new method for strict AAL2 request

* Sync spec descriptions to expected text

* Add feature specs for SAML phishing required

* Update options spec to enforce order

See: https://github.com/18F/identity-idp/pull/9304/files#r1345773215

* Bump CodeClimate
@jmhooper
Add the key_id that is used to the KMS logger (#9310)
00e4701 
Our KMS client now supports the use of multiple keys. Specifically it can be used for encryption with a single-region or multi-region key. This commit adds logging to the KMS tooling to give us visibility into which keys are being used in which contexts.

[skip changelog]
@jmhooper jmhooper merged commit 083c7a8 into stages/prod Oct 5, 2023
@jmhooper jmhooper deleted the stages/rc-2023-10-05 branch October 5, 2023 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mdiarra3 mdiarra3 mdiarra3 approved these changes

+1 more reviewer

@soniaconnolly soniaconnolly soniaconnolly approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

status - promotion

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@jmhooper @soniaconnolly @mdiarra3 @aduth @ThatSpaceGuy @matthinz @Sgtpluck @amirbey @zachmargolis