Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix unknown char in email links #317

Merged
merged 1 commit into from
Feb 11, 2020
Merged

fix unknown char in email links #317

merged 1 commit into from
Feb 11, 2020

Conversation

shravanmechineni
Copy link
Contributor

Fix unknown char ) in notify email links.

Does this PR introduce a breaking change? (check one with "x")

[ ] Yes
[X] No

@jenkins-reform-hmcts2 jenkins-reform-hmcts2 requested a deployment to preview February 4, 2020 16:32 Abandoned
@jenkins-reform-hmcts2 jenkins-reform-hmcts2 temporarily deployed to preview February 4, 2020 17:16 Inactive
@jenkins-reform-hmcts2 jenkins-reform-hmcts2 temporarily deployed to preview February 5, 2020 10:25 Inactive
@jenkins-reform-hmcts2 jenkins-reform-hmcts2 temporarily deployed to preview February 5, 2020 14:36 Inactive
@jenkins-reform-hmcts2 jenkins-reform-hmcts2 temporarily deployed to preview February 5, 2020 17:08 Inactive
@jenkins-reform-hmcts2 jenkins-reform-hmcts2 temporarily deployed to preview February 6, 2020 08:23 Inactive
kremi
kremi reviewed Feb 10, 2020
View reviewed changes
src/test/js/shared/idam_helper.js
@@ -476,7 +476,7 @@ class IdamHelper extends Helper {
const regex = "(https.+)"
const url = emailResponse.body.match(regex);
if (url[0]) {
return url[0].replace(/https:\/\/idam-web-public\..+?\.platform\.hmcts\.net/i, TestData.WEB_PUBLIC_URL);
return url[0].replace(/https:\/\/idam-web-public\..+?\.platform\.hmcts\.net/i, TestData.WEB_PUBLIC_URL).replace(")", "");
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we please find out where that funny bracket is coming from?

@nikola-naydenov-hmcts nikola-naydenov-hmcts merged commit 224010b into preview Feb 11, 2020
nikola-naydenov-hmcts added a commit that referenced this pull request Feb 14, 2020
@nikola-naydenov-hmcts @shravanmechineni
@sudhasane @dfourn @tbamido @henrydobson @NikolaNaydenov
Merging preview to ITHC (#324)
0c66817 
* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* Sidm 3296 waf password configure test (#259)

* special character password test

* added password characters

* changed password characters

* redued wait time

* SIDM-3127 Remove “Is there a problem with this page?” element. (#257)

* feat(SIDM-3128-survey): add pageurl parameter to smartsurvey link (#258) (#268)

* feat(make): add port-forward and force-update-pods (#269)

* feat(SIDM-2040-pw): update password reset messages (#266)

* feat(SIDM-2040-pw): update password reset messages:
- blacklisted: Your password is too easy to guess
- containing personal info: Do not include your name or email in your password
- did not match rules: Your password didn't have all the required characters

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270) (#271)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#282)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* This should fix the ArrAffinity token problem (#278)

* feat(SIDM-2040-pw-create): update create pwd (#279)

* feat(SIDM-2040-pw): update create pwd

* feat(SIDM-2040-pw-register): update create pwd on register user to handle FR errors:
- blacklisted password
- password contains personal info

* add password validation tests (#289)

* feat(SIDM-3128-surveyfix): fix survey url and allow only client_id param (#290)

* SIDM-3397 Expired Reset Password link. (#288)

* SIDM-3397 Expired Reset Password link.

* SIDM-3397 Add test.

* SIDM-3397 Fix after merge.

* Code review adjustements.

* Don't show the hyperlink when the data is not provided.

* SIDM-3499 Upgrade insights agent (#292)

* SIDM-3499 Upgrade Application Insights Agent.

* Attempt to make one of the tests less flaky.

* Fix the web config file.

* fix(docker): update dockerfile from base and use app insights 2.5.1

* Add the agent.

* Fix.

* SIDM-3499 Adjust link caption. (#293)

* Adjust link caption.

* Adjust link caption.

* Rename message names.

* Update contact us details. (revert of the revert) (#294)

* login with spaces in user email (#296)

* SIDM-3411 Springboot whitelabel error (#295)

* Add an AppErrorController.

* Add a redirect.

* Add a generic error jsp.

* Review fixes.

* Duplicated code fix (#291)

* user eal hmcts policyset in the tests (#298)

* Sidm 3530 illegal chars (#299)

* Add illegal characters validation.

* Add the message.

* Improve test coverage and enhance the for loop.

* Update working hours. (#301)

* SIDM 3487 suspended users login message (#303)

* SIDM-3487 Incorrect error message when suspended users try to log in.

* Empty commit

* Trigger a build.

* Upgrade tomcat minor version.

* Adjust the code.

* Revert "Adjust the code."

This reverts commit 3a1f4cd

* SIDM-3591 Update Contact Us page with email details for SSCS. (#304)

* Bringing all project dependencies in line for 1.5.1. (#309)

* Bringing all project dependencies in line for 1.5.1.

* Fixing a test

Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>

* Sidm 3557 nightly functional tests (#305)

* updated code

* added both smoke and functuonal tests to  ightly pipeline

* add reset password with diff case email test (#310)

* Moving the sonar setup here to be in line with idam-api (#311)

Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>

* Sidm 3118 fix flapping tests (#312)

* fix flapping tests

* fix flapping tests

* update wait time in the tests

* fix review comment

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
henrydobson added a commit that referenced this pull request Feb 26, 2020
@henrydobson @NikolaNaydenov
@shravanmechineni @tbamido @nikola-naydenov-hmcts @sudhasane @dfourn
SIDM-3769 - ITHC to PerfTest (#327)
54c8e6b 
* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* Merging preview to ITHC (#324)

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* Sidm 3296 waf password configure test (#259)

* special character password test

* added password characters

* changed password characters

* redued wait time

* SIDM-3127 Remove “Is there a problem with this page?” element. (#257)

* feat(SIDM-3128-survey): add pageurl parameter to smartsurvey link (#258) (#268)

* feat(make): add port-forward and force-update-pods (#269)

* feat(SIDM-2040-pw): update password reset messages (#266)

* feat(SIDM-2040-pw): update password reset messages:
- blacklisted: Your password is too easy to guess
- containing personal info: Do not include your name or email in your password
- did not match rules: Your password didn't have all the required characters

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270) (#271)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#282)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* This should fix the ArrAffinity token problem (#278)

* feat(SIDM-2040-pw-create): update create pwd (#279)

* feat(SIDM-2040-pw): update create pwd

* feat(SIDM-2040-pw-register): update create pwd on register user to handle FR errors:
- blacklisted password
- password contains personal info

* add password validation tests (#289)

* feat(SIDM-3128-surveyfix): fix survey url and allow only client_id param (#290)

* SIDM-3397 Expired Reset Password link. (#288)

* SIDM-3397 Expired Reset Password link.

* SIDM-3397 Add test.

* SIDM-3397 Fix after merge.

* Code review adjustements.

* Don't show the hyperlink when the data is not provided.

* SIDM-3499 Upgrade insights agent (#292)

* SIDM-3499 Upgrade Application Insights Agent.

* Attempt to make one of the tests less flaky.

* Fix the web config file.

* fix(docker): update dockerfile from base and use app insights 2.5.1

* Add the agent.

* Fix.

* SIDM-3499 Adjust link caption. (#293)

* Adjust link caption.

* Adjust link caption.

* Rename message names.

* Update contact us details. (revert of the revert) (#294)

* login with spaces in user email (#296)

* SIDM-3411 Springboot whitelabel error (#295)

* Add an AppErrorController.

* Add a redirect.

* Add a generic error jsp.

* Review fixes.

* Duplicated code fix (#291)

* user eal hmcts policyset in the tests (#298)

* Sidm 3530 illegal chars (#299)

* Add illegal characters validation.

* Add the message.

* Improve test coverage and enhance the for loop.

* Update working hours. (#301)

* SIDM 3487 suspended users login message (#303)

* SIDM-3487 Incorrect error message when suspended users try to log in.

* Empty commit

* Trigger a build.

* Upgrade tomcat minor version.

* Adjust the code.

* Revert "Adjust the code."

This reverts commit 3a1f4cd

* SIDM-3591 Update Contact Us page with email details for SSCS. (#304)

* Bringing all project dependencies in line for 1.5.1. (#309)

* Bringing all project dependencies in line for 1.5.1.

* Fixing a test

Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>

* Sidm 3557 nightly functional tests (#305)

* updated code

* added both smoke and functuonal tests to  ightly pipeline

* add reset password with diff case email test (#310)

* Moving the sonar setup here to be in line with idam-api (#311)

Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>

* Sidm 3118 fix flapping tests (#312)

* fix flapping tests

* fix flapping tests

* update wait time in the tests

* fix review comment

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>

* ci(env name): add override for env name for build with aks (#325)

Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
henrydobson added a commit that referenced this pull request Mar 14, 2020
@kremi @NikolaNaydenov
@shravanmechineni @henrydobson @tbamido @sudhasane @dfourn @nikola-naydenov-hmcts
2.0 RC (#330)
b79a13c 
* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
henrydobson added a commit that referenced this pull request Mar 23, 2020
@henrydobson @NikolaNaydenov
@shravanmechineni @tbamido @sudhasane @kremi @dfourn @nikola-naydenov-hmcts
2.0.0 RC1 aat values (#336)
0ba09e0 
* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
ghost pushed a commit that referenced this pull request Apr 29, 2020
@kremi @NikolaNaydenov
@dfourn @nikola-naydenov-hmcts @shravanmechineni @tbamido @henrydobson @sudhasane
merge master to demo (#364)
fc1a17f 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>
ghost pushed a commit that referenced this pull request Apr 29, 2020
@kremi @NikolaNaydenov
@dfourn @nikola-naydenov-hmcts @shravanmechineni @tbamido @henrydobson @sudhasane
Merge demo to preview after merging master to demo (#365)
2767c79 
* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>
ghost pushed a commit that referenced this pull request May 19, 2020
@kremi @NikolaNaydenov
@dfourn @nikola-naydenov-hmcts @shravanmechineni @tbamido @henrydobson @sudhasane
Preview to demo (#371)
66d253d 
* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>
ghost pushed a commit that referenced this pull request Jun 2, 2020
@kremi @NikolaNaydenov
@dfourn @nikola-naydenov-hmcts @shravanmechineni @tbamido @henrydobson @sudhasane
Create/align the current preview with 2.1.0-RC1. (#372)
b5d8319 
* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>
henrydobson added a commit that referenced this pull request Jun 8, 2020
@henrydobson @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @tbamido @sudhasane
V2 1 intermediary master bfg (#374)
e44e3bc 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>
henrydobson added a commit that referenced this pull request Jun 9, 2020
@henrydobson @nikola-naydenov-hmcts
@dfourn @tbamido @kremi @NikolaNaydenov @shravanmechineni @sudhasane
v2 rc1 (#375)
7c2b849 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(prod blocker): add blocker

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Radoslaw Orlowski <59831983+radoslaw-orlowski-amido@users.noreply.github.com>
Co-authored-by: Radoslaw Orlowski <radoslaw.orlowski@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
henrydobson added a commit that referenced this pull request Jun 10, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane
V2 1 rc2 preview into master (#383)
85355d3 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Radoslaw Orlowski <59831983+radoslaw-orlowski-amido@users.noreply.github.com>
Co-authored-by: Radoslaw Orlowski <radoslaw.orlowski@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Douglas Brand-Williamson <doug.brand@amido.com>
tbamido added a commit that referenced this pull request Jun 10, 2020
@tbamido @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @henrydobson @sudhasane
V2 1 rc2 master into preview (#386)
7498843 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates scre…
tbamido added a commit that referenced this pull request Jun 10, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane
v2.1-rc2 preview into master (#387)
391c72f 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor…
henrydobson added a commit that referenced this pull request Jun 11, 2020
@tbamido @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @henrydobson @sudhasane
V2 1 rc2 master into perftest (#385)
0450abe 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates scr…
henrydobson added a commit that referenced this pull request Jul 17, 2020
@henrydobson @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @tbamido @sudhasane @jitumiah
2.2rc1 update 2.2 from preview (#419)
47744ed 
* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest relat…
dougbw pushed a commit that referenced this pull request Jul 24, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
Perftest 2.2 (#422)
da5da0d 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* 2.2rc1 update 2.2 from preview (#419)

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java rele…
henrydobson added a commit that referenced this pull request Aug 4, 2020
@tbamido @henrydobson
@kremi @NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @sudhasane @jitumiah
Master 2 2 from perf (#425)
6484903 
* v2.0.0 RC1 (idam-session-cookie hotfix) (#335)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* V2 1 rc2 master into perftest (#385)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is teste…
shravanmechineni added a commit that referenced this pull request Aug 5, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
chore(pitest): fix pitest gradle task (#428)
9db8a67 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* 2.2rc1 update 2.2 from preview (#419)

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java…
dfourn added a commit that referenced this pull request Aug 6, 2020
@dfourn @nikola-naydenov-hmcts
@henrydobson @tbamido @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
2.2 to master (#431)
e24130a 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* 2.2rc1 update 2.2 from preview (#419)

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java rel…
nikola-naydenov-hmcts added a commit that referenced this pull request Aug 13, 2020
@nikola-naydenov-hmcts @kremi
@NikolaNaydenov @dfourn @shravanmechineni @tbamido @henrydobson @sudhasane @jitumiah
Sidm 4413 SSO Login button and error handling (#433)
8c299db 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait
…
dfourn added a commit that referenced this pull request Aug 14, 2020
@dfourn @nikola-naydenov-hmcts
@tbamido @kremi @NikolaNaydenov @shravanmechineni @henrydobson @sudhasane @jitumiah
4.0.0 RC2 > ITHC (#435)
f3a872d 
* SIDM-4233 SSO Login (#416)

* The beginnings of greatness

* stuff

* Redirect and back works, access_token aquired

* Dont need a controller

* SIDM-4377 Add redis integration (#409)

* Inject secrets

* Local redis

* Add some mocking for tests

* Removing embedded redis

* Force ssl

* More ram?

* Bump memory again?

* Add docker setup instructions

Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>

* Error handling, bug fixes

* More tests

* Update src/main/java/uk/gov/hmcts/reform/idam/web/Application.java

Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Update src/main/java/uk/gov/hmcts/reform/idam/web/helper/ErrorHelper.java

Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* more variables to secrets

* Added tests and fixed some bugs

* Tests run successfully

* Fixing vulnerabilities

* Ignore old code

* Accidentally downgraded gradle

Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* chore: increase chart version (#423)

* Force disable caching in web-public

* SIDM-4704 Change of email address for FPL (#430)

* SIDM-4413 eJudiciary login button and redis session fixes (#427)

* eJudiciary login button and redis session fixes

* Whoops forgot to commit anything

* Extra imports

* Dont try to configure redis

* Static constant

* chore(redis): JSPHelperTest fix: disable Redis autoconfigure

Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Sidm 4413 SSO Login button and error handling (#433)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-…
tbamido added a commit that referenced this pull request Aug 28, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
chore(merge-4.0.0) prev ae131b6 into master (#461)
9720d1d 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16…
tbamido added a commit that referenced this pull request Sep 1, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
Merge preview into master (#469)
e25cb66 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(ci…
tbamido added a commit that referenced this pull request Sep 2, 2020
@tbamido @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @henrydobson @sudhasane @jitumiah
Chore v4 master into ithc (#471)
f0ce4d1 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen …
tbamido added a commit that referenced this pull request Sep 2, 2020
@tbamido @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @henrydobson @sudhasane @jitumiah
Chore v4 master into preview (#470)
289eee0 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates scre…
tbamido added a commit that referenced this pull request Sep 2, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
Merge v4 rc6 preview into master (#475)
76e7941 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refa…
tbamido added a commit that referenced this pull request Sep 3, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
Merge v4rc8 bce42cc preview into master (#477)
7151ae8 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

…
tbamido added a commit that referenced this pull request Sep 4, 2020
@tbamido @nikola-naydenov-hmcts
@henrydobson @dfourn @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
Merge v4rc9 preview into master (#480)
499e9c3 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refac…
nikola-naydenov-hmcts added a commit that referenced this pull request Sep 18, 2020
@nikola-naydenov-hmcts @henrydobson
@dfourn @tbamido @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah
V4.0.0 Final RC into Master (#493)
b13a6c6 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(…
tbamido added a commit that referenced this pull request Oct 6, 2020
@tbamido @kremi
@NikolaNaydenov @dfourn @nikola-naydenov-hmcts @shravanmechineni @henrydobson @sudhasane @jitumiah
chore(v4): merge v4.0.1 into preview (#503)
5b8bdd4 
* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* v2 rc1 (#375)

* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* upda…
@tbamido tbamido deleted the fix-notify-links-issue branch October 6, 2020 12:51
henrydobson added a commit that referenced this pull request Nov 5, 2020
@nikola-naydenov-hmcts @henrydobson
@dfourn @tbamido @kremi @NikolaNaydenov @shravanmechineni @sudhasane @jitumiah @AlokDatta
[runbook task] Merge 5.0 into master (#526)
0e88b75 
* Adding support for multiple affinity cookies (#331)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* SIDM-2686 - Cross browser tests (#333)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Welsh language (#334)

* Add currently existing Welsh translations as messages_cy.propertes thus creating a bundle. The messages at this stage are copied "as is", and may contain translation errors.

* Externalise messages from Contact Us page.
Externalise titles from the remaining pages.

* Add a script automating hardcoded text i18n.

* SIDM-3761 Add language switcher to wrapper.tag based on example provided in Jira

* Introduce language-specific static pages and selection mechanism based on locale in context.

* Remove default locale making it possible to set it via Accept-Language HTTP header.

* Add support for preferred languages and scripts for the user interface represented as a space-separated list of BCP47.

* Minor logging fix.

* Fix an invalid test ensuring no cookie is set.

* Fix locale parameter rename in JSPs.

* Reduce cognitive complexity. Increase readability.

* Get available languages from messages bundle rather than hardcoded list of values.

* Fix a broken unit test.

* Introduce a dedicated JSP tag for a language switch. Make it reuse the current URL and add/replace ui_locales parameter with JS.

* Externalise constants.

* Change language switching URL to be build server-side to avoid the need for JS client-side.

* Add locale passing interceptor.

* Inject LocalePassingInterceptor to the global REST Template.

* Ignore other local profiles.

* Extend the locale cookie expiration.

* Increase the cookie expiration to 10 years.

* Cleanup debug code.

* Don't overwrite the language header set in another thread in the interceptor.
Add the language header to forget password call manually, as it's being run in another thread and has no knowledge of the user's selected locale.

* SIDM-3353 Create password - add additional guidance text. (#337)

* Improve test coverage. (#347)

* More test coverage for Welsh. (#348)

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* COVID-19 Contact Us pages changes (post Welsh) (#350)

* COVID-19 Contact Us pages changes (post Welsh)

* Use the provided Welsh translation for a missing line.

* Sidm 3831 externalise text (#342)

* Externalise messages from static pages.

* Improve message for missing EN elements.

* Add missing email addresses for English.

* Remove an unused property.

* Reexport Contact Us page to include the update and COVID-19 opening times changes.

* SIDM-3831 Fix Welsh translations. (#355)

* SIDM-3582 SIDM-3404 Account Activation link expired screen (#354)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

* SIDM-3404 Update captions.

* SIDM-3404 Add Welsh translations.

* SIDM-3582 Fix incorrect error screen for expired account activation url. (#346)

* SIDM-3582 Fix incorrect error screen for expired account activation url.

* SIDM-3582 Increase test coverage.

* SIDM-3582 Fix import.

* SIDM-3582 Code review changes.

* SIDM-3582 Code review changes.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Add some missing Welsh translations for SIDM-3353.

* Add a new test.

Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>

* Welsh - fix AKS languages (#357)

* Add debug code listing request params

* Remove debug code. Add an attempted fix.

* Sidm 4015 welsh functional tests (#352)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Merge demo to preview after merging master to demo (#365)

* Sidm 4015 welsh functional tests (#352) (#362)

* Add functional tests: duplicate registration in different languages

* Welsh tests.

* Welsh tests.

* Welsh tests.

* Welsh tests.

* merge master to demo (#364)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* add login with pin test (#361)

* add login with pin test

* fix review comment

* fix review

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* Fix  CVE-2020-9488 vulnerability. (#367)

* Fix  CVE-2020-9488 vulnerability.

* - upgrade Gradle to 6.3
- fix deprecated Gradle elements
- upgrade Spring Boot to 2.2.6.RELEASE
- upgrade idamBob to 2.0.1

* update to chart-java 2.18.0

* Switch to idam BOM 2.1.0 to fix CVE-2020-9488 vulnerability

* Make /activate POST request redirect to a GET endpoint that can have … (#366)

* Make /activate POST request redirect to a GET endpoint that can have its language changes.

* Restore individual imports.

* Code review changes.

* Fix broken functional test.

* Empty commit.

* Sidm 4120 welsh post requests (#368)

* Increase code coverage.

* Functional tests fix attempt.

* Sidm 4120 welsh post requests (#370)

* Increase code coverage.

* Functional tests fix attempt.

* Fix an issue with Welsh language switch urlencoding parameters.

* A NPE fix for when there is no query string.

* Attempt to fix Sonar false-positive.

* V2 1 intermediary master bfg (#374)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* feat(chart): aat values

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix(docker): flexvolume mapping to property

* fix(idam-aat): add test variables (#338)

* SIDM-2868 - Add nightly tests for 2.0.0 (#341)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* SIDM-3977 - v2 fix selfservice (#351)

* fix(idam-aat): add test variables

* SIDM-2686 - Add nightly tests for 2.0.0  (#339)

* feat(qa): cross browser tests'

* revert(delete): remove file

* fix dependencies

* fix codecept unknown option scan error

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* COVID-19 contatcus page changes

* SIDM-3977 Add test to check if activation link can be used after the user has registered. (#349)

* SIDM-3977 Add test to check if activation link can be used after the user has registered.

* SIDM-3977 Make it a new scenario.

* SIDM-3977 self_registration_test: Fix text

Co-authored-by: Tiago Braun <tiago.braun@amido.com>

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* chore(idam-prod): remove prod blocker (#358)

* Zap Scanner exclusions

* excluding contact-us.* from zap scanner

* excluding login.* from zap scanner

* Ignoring some reverse proxy false positives

* chore(installcharts): remove cicd config installCharts (deprecated)

* chore(deletion): remove local file

* chore(deletion): remove local file

* Update dependency-check-suppressions.xml
Suppress CVE-2020-9484

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <daniel.patynski@amido.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: Kremi Nenkova <kremi.nenkova@gmail.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@aml0232.home>
Co-authored-by: Tiago Braun <tiago.braun@amido.com>

* Increase test code coverage. (#377)

* Increase test code coverage.

* Increase test code coverage, pt.2.

* avoid running functional tests twice in nightly build

* Add missing assertions in a test.

Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* fix: remove reference to idam-master tf state (#378)

* Sonar failure fix attempt. (#381)

* V2 1 rc2 master into preview (#386)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* Enable functionals

* Update contact us details. (#253)

* Removing prod blocker

* Eliminating vulnerabilities

* Removing blocker

* Disable functionals

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

* 2.0 RC (#330)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* refactor(cicd): remove deprecated enableDockerBuild()

* feat(staging deployment): add aat values for helm

* feat(sidm-3483-fr6): 6.5 web-public (#315) (#321)

* feat(sidm-3483-fr6): update test regex to extract activation parssword

* feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits

* feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test

* feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf

* chore(ase asp): disable legacy deployments (#323)

* ci(env name): add override for env name for build with aks (#325)

* Sidm 3561 compare screenshot test (#308)

* screen shot compare test

* updated code

* updated cnp file

* added base screen shot folder to repo

* added functional-output to git ignore

* taking base screen shot is set to false

* added diff folder to screenshot folder

* added diff folder and ignore functional output

* removed some images from base folder

* added f-output folder to gitignore

* removed some images from base folder

* removed some images from base folder

* set base image to false in ui tests

* added foutput folder to gitignore

* update policy check test

* added foutput to gitignore

* updated code to run all functional tests

* updated policy check test

* added foutput to gitignore

* change name of base screen shot

* removed foutpit from gitignore

* added wait to failed tests

* added foitput to gitignore

* added ignore screen compare code

* added wait

* updates screen shot

* removed screen shot

* added foutput folder to gitignore

* applied retry

* added resemblence helper to package.json

* added resemblance helper

* enabled screen shot for visual testing

* cleaned up code

* added functional output folder to gitignore

* ingored package.lock.json

* Delete package-lock.json

* added dependencies

* added node fetch dependency

* updared lockout test

Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>

* Idam nightly tests (#326)

* Adding back the prod deployment blocker (#189)

* extra tests for code quality (#196)

* Removing blocker for go live

* Load vault secrets fix

* Security fix

* Adding go live blocker

* Securityscan master (#197)

* adding security scan config

* update public uRI

* adding fun-output dir to gitignore

* adding aat url

* Exclude jquery from the zap scanners.

* [PREVIEW] Fixing the pipeline (#211)

* [PREVIEW] SIDM-3007 SIDM-3089 SIDM-3090 Fix PR asp_name, update Dockerfile, add CVE suppression (#201)

* fix(local.asp_name): add conditional case for asp_name when running PRs

By using the asp_name_override for idam-api, idam-web-public and idam-web-admin for PRs, pipelines
cannot run in parallel as they clash with each other. Do not use asp_name_override for PRs.

* feat(security suppression): add suppression for pitest related to CVE-2019-15052

pitest 1.3.0 and 1.4.0 are flagged under CVE-2019-15052 but are only used in testing. 1.4.0 is the latest release

SIDM-3090

* fix(base image/insights agent): update Dockerfile as base image is no longer available

* Change ref in the terraform file.

* [PREVIEW] Minor content changes for 1.4.1 (#210)

* SIDM-3130 Contact Us screen - Update SSCS details.

* SIDM-2904 Update Survey feedback link across IDAM public screens.

* [PREVIEW] 1.4.1 Scope Change (#216) (#218)

* SIDM-2904 Manually revert SIDM-2904.

* SIDM-2757 Fix double apostrophe in a message. (#187)

* [PREVIEW] footer pages update (#194)

* Add 'Family Public Law' section to the 'Contact Us' page.

* Add Family Public Law Service info to cookies and privacy policy pages.

* A few adjustements.

* Remove repetition.

* Add a space.

* SIDM-2412 Remove records about 2 cookies which are not used in the Family Public Law Service. (#204)

* Add CVE-14540 and 16335 supressions

* Adding prod blocker

* Disable functional tests

* Web public tests 1.5 (#267)

* special character password test

* added password characters

* changed password characters

* redued wait time

* Sidm 3294 mfa e2e tests (#256)

* add mfa otp login tests

* add missing file

* fix typo

* add missing code

* fix test failures

* add more waits

* add more waits

* add exiplit wait

* add block policy scenario

* feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270)

* feat(SIDM-3410-ips): filter out internal ips from policy valuation

* feat(SIDM-3410-ips): simplify and merge methods

* feat(SIDM-3410-ips): simplify regex

* This should fix the ArrAffinity token problem (#277)

* feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#283)

* Include fix for 1.5 (#275)

* feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272)

* Updating with for suggestions (#273)

* Updating with for suggestions

* Need to escape the dot

* feat(sidm-3410-rc2): merge 3410 preview into RC (#284)

* Updating with for suggestions (#273)

* fix(vnet_private_ip_pattern): update escape syntax (#281)

* feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285)

* feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) (#287)

* Adding prod blocker

* Duplicated code fix

* updated security.sh file

* updated security.sh file

* added false positives to audit.json file

* added false positived to audit.json fike

* added false positives

* added false positives

* updated environment

* removed unwanted code

* updated functional tag

* updated secrets env to aat

* updated secrets env to aat

* updated url to external url

* enabled mutation tests

* added false positives to audit file

* updated audit file

* removed spaces

* removed spaces

* added false positives

* added false positives

* added false positives

* added false positives

* updated jenkins-nightly

* added false positives

* updated jenkins nightly

Co-authored-by: kremi <34029797+kremi@users.noreply.github.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Upgrade to tomcat 9.0.31 to address CVE-2020-1938

* Affinity cookie name is different

* Adding support for multiple affinity cookies (#332)

Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>

* Apply suggestions from code review

* remove waits and add suggestions

* fix test failure

* add wait for failing tests

* ci(prod blocker): add

* fix hmcts policy set for block user test

* fix(aat deployment): add credential and environment overrides

Co-authored-by: Nikola Naydenov <nikola.naydenov@amido.com>
Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com>
Co-authored-by: Henry Dobson <henrydobson@me.com>
Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com>
Co-authored-by: sudhasane <vanisekhar75@gmail.com>
Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
Co-authored-by: James Burke <james.burke@amido.com>
Co-authored-by: dfourn <dpatynski@gmail.com>
Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com>
Co-authored-by: Nikola Naydenov <nikolanaydenov@AML0232.local>
Co-authored-by: Shravan Mechineni <shravan.mechineni@ladbrokescoral.com>

* feat(chart): aat values

* 2.0.0 RC1 aat values (#336)

* Eliminating vulnerabilities

* fix unknown char in email links (#317)

* SIDM-3511 - Update chart-java release 2.16.0 (#318)

* build(chart-java): update chart-java release to 2.16.0

* …
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kremi kremi kremi left review comments

@nikola-naydenov-hmcts nikola-naydenov-hmcts nikola-naydenov-hmcts approved these changes

Assignees
No one assigned
Labels
ns:idam
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@shravanmechineni @kremi @nikola-naydenov-hmcts @jenkins-reform-hmcts2