Revised Auditee & Auditor Certification Workflow

[jperson1]

Auditee & Auditor Certification Workflow

Issue: #1495
Figma: Auditor Cert Link

Changes:

1. The auditee and auditor certification HTML has been updated to match with the Figma docs.
   • This includes a two-step certification form, for the checklist and signature
2. Auditee/auditor certification stores the certification objects to the SAC DB object.
   • One migration adds both fields to the DB.
   • They have their own json schema files.
   • They are of form:

   auditor/ee_certification: {
       "auditor/ee_certification": {
           "checklist_item": True,
           "checklist_item": True,
           ...
       }
       "auditor/ee_signature:{
           "auditor/ee_name": "A Name",
           "auditor/ee_title": "A Title",
       }
   }
   

3. While the end data is saved to the DB, it does not autofill on the page. Autofill is handled by the session variable that the forms are stored in to bridge the gap between pages. This means that they will autofill if a user reloads the page, but will not autofill if the user closes the page and comes back - or does some other kind of hard-reset. Since this process is (a) short and (b) only meant to be done a single time, I think this is fine.
4. The submission checklist does update as the process is completed. But, it matters little, since it's getting a big update soon.

How to test:

1. Switch to this branch and run normally. Make sure you apply the new migrations. You can also do a clean build with make docker-clean and make docker-first-run.
2. Create an audit, or navigate to an existing one.
3. Get your audit to the state that it can access /audit/auditor-certification/{reportId}. This can be done by completing the SF-SAC, or by manually setting the submission_status to ready_for_certification in the DB. During development, I cheated it by moving the dispatch up so that the role validation didn't kick me out. Good for local dev, bad for prod.
4. Make sure the page works, and that the proper relics are loaded into the DB.

Screenshots:

[github-actions]

Terraform plan for management

Plan: 0 to add, 4 to change, 0 to destroy.

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # cloudfoundry_space_users.space_permissions["dev"] will be updated in-place
  ~ resource "cloudfoundry_space_users" "space_permissions" {
        id         = "e805bda0-6e7a-37a7-ab43-ccbb47801a6e"
      ~ managers   = [
          + "cfdaac5d-4bb5-4655-98c2-e074374e4347",
            # (3 unchanged elements hidden)
        ]
        # (4 unchanged attributes hidden)
    }

  # cloudfoundry_space_users.space_permissions["management"] will be updated in-place
  ~ resource "cloudfoundry_space_users" "space_permissions" {
        id         = "27970728-5de5-c34c-de28-4c98f30a4d5d"
      ~ managers   = [
          + "cfdaac5d-4bb5-4655-98c2-e074374e4347",
            # (3 unchanged elements hidden)
        ]
        # (4 unchanged attributes hidden)
    }

  # cloudfoundry_space_users.space_permissions["production"] will be updated in-place
  ~ resource "cloudfoundry_space_users" "space_permissions" {
        id         = "19114309-930e-d683-01fd-754bc9e54c1a"
      ~ managers   = [
          + "cfdaac5d-4bb5-4655-98c2-e074374e4347",
            # (3 unchanged elements hidden)
        ]
        # (4 unchanged attributes hidden)
    }

  # cloudfoundry_space_users.space_permissions["staging"] will be updated in-place
  ~ resource "cloudfoundry_space_users" "space_permissions" {
        id         = "722d2418-98f6-10f4-4265-1217fb5f17f2"
      ~ managers   = [
          + "cfdaac5d-4bb5-4655-98c2-e074374e4347",
            # (3 unchanged elements hidden)
        ]
        # (4 unchanged attributes hidden)
    }

Plan: 0 to add, 4 to change, 0 to destroy.

📝 Plan generated in Pull Request Checks #239

[github-actions]

Terraform plan for dev

No changes. Your infrastructure matches the configuration.

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

✅ Plan applied in Deploy to Development and Management Environment #95

[github-actions]

Terraform plan for meta

Plan: 4 to add, 0 to change, 0 to destroy.

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.environments["dev"].local_file.cf_org will be created
  + resource "local_file" "cf_org" {
      + content              = <<-EOT
            cf_org_name = "gsa-tts-oros-fac"
        EOT
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0777"
      + file_permission      = "0644"
      + filename             = "./../dev/orgname.auto.tfvars"
      + id                   = (known after apply)
    }

  # module.environments["preview"].local_file.cf_org will be created
  + resource "local_file" "cf_org" {
      + content              = <<-EOT
            cf_org_name = "gsa-tts-oros-fac"
        EOT
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0777"
      + file_permission      = "0644"
      + filename             = "./../preview/orgname.auto.tfvars"
      + id                   = (known after apply)
    }

  # module.environments["production"].local_file.cf_org will be created
  + resource "local_file" "cf_org" {
      + content              = <<-EOT
            cf_org_name = "gsa-tts-oros-fac"
        EOT
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0777"
      + file_permission      = "0644"
      + filename             = "./../production/orgname.auto.tfvars"
      + id                   = (known after apply)
    }

  # module.environments["staging"].local_file.cf_org will be created
  + resource "local_file" "cf_org" {
      + content              = <<-EOT
            cf_org_name = "gsa-tts-oros-fac"
        EOT
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0777"
      + file_permission      = "0644"
      + filename             = "./../staging/orgname.auto.tfvars"
      + id                   = (known after apply)
    }

Plan: 4 to add, 0 to change, 0 to destroy.

✅ Plan applied in Deploy to Development and Management Environment #95

[jperson1]

Merge conflicts resolved. Needs a run-through to ensure all checklist elements display correctly (certification enables when you get to it, etc).

[jperson1]

This should now be good to go. I've unrequired some sections to ensure the pre-submission validation is enabled when the mandatory uploads are complete.