Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

INT B-20928 #14058

Open
wants to merge 13 commits into
base: integrationTesting
Choose a base branch
from
Open

INT B-20928 #14058

wants to merge 13 commits into from

Conversation

danieljordan-caci
Copy link
Contributor

Agility ticket

Summary

Security wanted us to not use MD5 hashing, so transitioning to SHA256 for uploads and adding in the CheckSumAlgorithem when uploading to S3.

This also contains code to fix some flaky tests. Idk, man.

How to test

  1. You'll need to go to your .envrc and uncomment export STORAGE_BACKEND=s3
  2. Run direnv allow
  3. Run aws-vault exec transcom-gov-dev -- make server_run
  4. While that's building, make sure you are in the right AWS profile - transcom-gov-dev
  5. This allows us to upload files to S3 instead of locally (docs here)
  6. Log in as a customer, fill out all information and upload some orders
  7. In your CLI, run aws-vault login transcom-gov-dev - this will open the AWS Console
  8. Search for S3 and get in there
  9. Find your buckets
  10. There should be one that says transcom-gov-dev-app-devlocal-us-gov-west-1, click it
  11. You should see your name/repo if the file uploaded correctly (ex. daniel.jordan_cn)
  12. Click through and click the file you uploaded to where you see the Object Overview section
  13. Scroll down and you should see an Additional checksums section
  14. Confirm you see an additional SHA-256 checksum

Screenshots

Screenshot 2024-10-29 at 11 15 28 AM

@danieljordan-caci danieljordan-caci added Mountain Movers Movin' Mountains 1 Sprint at a time INTEGRATION Slated for Integration Testing labels Oct 30, 2024
@danieljordan-caci danieljordan-caci requested review from lucyluuuu and a team October 30, 2024 14:58
@danieljordan-caci danieljordan-caci self-assigned this Oct 30, 2024
Copy link

@lucyluuuu lucyluuuu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did not see new vulnerabilities on files changed when scanned locally. Pre-test jobs ran successfully.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
INTEGRATION Slated for Integration Testing Mountain Movers Movin' Mountains 1 Sprint at a time
Development

Successfully merging this pull request may close these issues.

2 participants