Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

.gitignore

@@ -1,8 +1,6 @@
 target/
 !.mvn/wrapper/maven-wrapper.jar
 functional-output/
-package-lock.json
-
 ### STS ###
 .apt_generated
 .classpath

Jenkinsfile_CNP

@@ -28,7 +28,7 @@ static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
     [$class     : 'AzureKeyVaultSecret',
      secretType : 'Secret',
      name       : secretName,
-     version    : '',   
+     version    : '',
      envVariable: envVar
     ]
 }
@@ -173,4 +173,4 @@ withPipeline(type, product, component) {
             reportName           : "IDAM Web Public E2E functional tests result"
         ]
     }
-}
+}

Jenkinsfile_nightly

@@ -5,8 +5,8 @@ properties([
 
     parameters([
 
-        string(name: 'URL_TO_TEST', defaultValue: 'https://idam-web-public-idam-preview.service.core-compute-idam-preview.internal', description: 'The URL you want to run these tests against'),
-        string(name: 'API_URL_TO_TEST', defaultValue: 'https://idam-api-idam-preview.service.core-compute-idam-preview.internal', description: 'The API URL you want to run these tests against '),
+        string(name: 'URL_TO_TEST', defaultValue: 'https://idam-web-public.aat.platform.hmcts.net', description: 'The URL you want to run these tests against'),
+        string(name: 'API_URL_TO_TEST', defaultValue: 'https://idam-api.aat.platform.hmcts.net', description: 'The API URL you want to run these tests against '),
     ])
 ])
 
@@ -19,7 +19,7 @@ def product = "idam"
 def component = "web-public"
 
 def secrets = [
-    'idam-idam-preview': [
+    'idam-idam-aat': [
         secret('smoke-test-user-username', 'SMOKE_TEST_USER_USERNAME'),
         secret('smoke-test-user-password', 'SMOKE_TEST_USER_PASSWORD'),
         secret('notify-api-key', 'NOTIFY_API_KEY')
@@ -43,6 +43,10 @@ withNightlyPipeline(type, product, component) {
 
     loadVaultSecrets(secrets)
 
+    enableSecurityScan()
+
+    enableMutationTest()
+
     enableFullFunctionalTest(200)
 
     after('fullFunctionalTest') {