department-of-veterans-affairs / va.gov-cms

Editor-centered management for Veteran-centered content.
https://prod.cms.va.gov
GNU General Public License v2.0

Code Scanning Fixes Required for WASA #17647

Open gracekretschmer-metrostar opened 5 months ago

gracekretschmer-metrostar commented 5 months ago

Background

The platform reliability team is working on what is called Preview Environments. It allows teams to take their new code and combine it with isolated snapshots of the FE/BE repositories, so they can test their code in an isolated and low-risk environment. The team's intent (and project requirements) includes making these Preview Environments publicly accessible, so teams can use these environments to test with real veteran end users.

In order to get anything publicly accessible, the team needs to navigate through various stages of an approval process, which they've been working on and towards for quite some time to meet the various requirements that we become aware of. One of these requirements included having code scanning done on our repositories, which surfaced a number of critical and high issues for vets-website, vets-api, and content-build. In order to continue proceeding, we need to resolve the issues on that code scanning report; however, it involves fixing a number of items in content-build, which we're not super familiar with.

In the WASA scan, three critical issues were identified within the content-build repo that the CMS team will own getting resolved.

Relevant Links

User Story or Problem Statement

As a user researcher, I want to be able to make preview environments publicly accessible so that I can run more meaningful usability tests with members of the public. To make preview environments publicly available, the preview environments need to resolve all critical issues identified in the WASA scan.

### Tasks
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18060
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18059
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18057
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18056
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18055
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18053
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18052
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18051
- [ ] https://github.com/department-of-veterans-affairs/va.gov-cms/issues/18050

gracekretschmer-metrostar commented 4 months ago

@anantais and @JakeBapple, there is a backlog of security issues attached to this epic (see under the task list). When each of you has completed your sprint tasks, you can pick up work in this task list.