Merge pull request #953 from hmrc/BDOG-3252

BDOG-3252: Add extra link to leak detection page for how to resolve leaks

app/uk/gov/hmrc/cataloguefrontend/leakdetection/LeakDetectionController.scala

@@ -104,12 +104,13 @@ class LeakDetectionController @Inject()(
       )
       .async { implicit request =>
         for
-          isAuthorised <- auth.authorised(None, Retrieval.hasPredicate(leaksPermission(repository, "READ")))
-          report       <- leakDetectionService.report(repository, branch)
-          leaks        <- leakDetectionService.reportLeaks(report.id)
-          warnings     <- leakDetectionService.reportWarnings(report.id)
-          resolutionUrl = leakDetectionService.resolutionUrl
-        yield Ok(leaksPage(report, report.exclusions, leaks, warnings, resolutionUrl, isAuthorised))
+          isAuthorised          <- auth.authorised(None, Retrieval.hasPredicate(leaksPermission(repository, "READ")))
+          report                <- leakDetectionService.report(repository, branch)
+          leaks                 <- leakDetectionService.reportLeaks(report.id)
+          warnings              <- leakDetectionService.reportWarnings(report.id)
+          resolutionUrl          = leakDetectionService.resolutionUrl
+          removeSensitiveInfoUrl = leakDetectionService.removeSensitiveInfoUrl
+        yield Ok(leaksPage(report, report.exclusions, leaks, warnings, resolutionUrl, removeSensitiveInfoUrl, isAuthorised))
       }
 
   def reportExemptions(repository: String, branch: String): Action[AnyContent] =

app/uk/gov/hmrc/cataloguefrontend/leakdetection/LeakDetectionService.scala

@@ -35,6 +35,10 @@ class LeakDetectionService @Inject() (
   def resolutionUrl: String =
     configuration
       .get[String]("leakDetection.resolution.url")
+
+  def removeSensitiveInfoUrl: String =
+    configuration
+      .get[String]("leakDetection.removeSensitiveInfo.url")
 
   def urlIfLeaksFound(repoName: String)(using HeaderCarrier): Future[Option[String]] =
     repositoriesWithLeaks().map: reposWithLeaks =>

app/uk/gov/hmrc/cataloguefrontend/leakdetection/view/LeakDetectionLeaksPage.scala.html

@@ -19,14 +19,15 @@
 
 @this()
 
-@(report           : LeakDetectionReport,
-  exemptions       : Map[String, Int],
-  unresolvedLeaks  : Seq[LeakDetectionLeaksByRule],
-  warnings         : Seq[LeakDetectionWarning],
-  leakResolutionUrl: String,
-  isAuthorised     : Boolean
+@(report                : LeakDetectionReport,
+  exemptions            : Map[String, Int],
+  unresolvedLeaks       : Seq[LeakDetectionLeaksByRule],
+  warnings              : Seq[LeakDetectionWarning],
+  leakResolutionUrl     : String,
+  removeSensitiveInfoUrl: String,
+  isAuthorised          : Boolean
 )(implicit
-  request          : RequestHeader
+  request               : RequestHeader
 )
 
 @standard_layout(s"Leak detection report", active = "health") {
@@ -96,7 +97,7 @@ <h5 class="fw-bold">Exemptions</h5>
         <h3 class="fw-bold">Unresolved leaks</h3>
         @if(isAuthorised) {
             <div class="alert alert-warning">
-                Please click <a href="@leakResolutionUrl">here</a> to find out how to resolve the leaks
+                Please click <a href="@leakResolutionUrl">here</a> to find out how to resolve the leaks. Further information on how to remove sensitive information from GitHub can be found <a href="@removeSensitiveInfoUrl">here</a>.
             </div>
             @LeakDetectionLeaks(unresolvedLeaks, "Violations")
         } else {

conf/application.conf

@@ -199,7 +199,10 @@ whats-running-where {
   max-memory = 32768.0 #The threshold of memory across instances and slots, for which the RGBA alpha value will be at its maximum. Any slotsAndInstancesToMemory values above this will be bounded to this figure.
 }
 
-leakDetection.resolution.url = "https://confluence.tools.tax.service.gov.uk/x/Qm-pBQ"
+leakDetection {
+  resolution.url  = "https://confluence.tools.tax.service.gov.uk/x/Qm-pBQ"
+  removeSensitiveInfo.url = "https://confluence.tools.tax.service.gov.uk/display/SEC/Remove+sensitive+data+from+a+Git+repository"
+}
 
 telemetry.templates {
   metrics   = "http://metrics.${env}.local/${service}"