raft-tech / TANF-app

Repo for development of a new TANF Data Reporting System
Other
17 stars 4 forks source link

Temporary Assistance for Needy Families (TANF) Data Portal - TDP

Welcome to the project for the New TANF Data Portal, which will replace the legacy TANF Data Reporting System!

Our vision is to build a new, secure, web-based data reporting system to improve the federal reporting experience for TANF grantees and federal staff. The new system will allow grantees to easily submit accurate data and be confident that they have fulfilled their reporting requirements. This will reduce the burden on all users, improve data quality, lead to better policy and program decision-making, and ultimately help low-income families.


Current Build

Raft-Tech(develop) HHS(main) HHS(master)
Build CircleCI-Dev CircleCI-HHS CircleCI-HHS
Security Dependabot-Dev Advisories-HHS Advisories-HHS
Frontend Coverage Codecov-Frontend-Dev Codeco-Frontend-HHS Codeco-Frontend-HHS
Backend Coverage Codecov-Backend-Dev Codecov-Backend-HHS Codecov-Backend-HHS

Link to Current Development Deployments

Due to limitations imposed by Github and occasional slow server response times, some badges may require a page refresh to load.

TDP is subject to the ACF Privacy Policy and HHS Vulnerability Disclosure Policy.


Table of Contents

Infrastructure

TDP Uses Infrastructure as Code (IaC) and DevSecOps automation

Authentication

TDP application requires strong multi-factor authentication (MFA) for all users, and Personal Identity Verification (PIV) authentication must be used as the 2nd factor for all internal ACF staff. ACF AMS authentication service is being used for ACF users, and Login.gov authentication service is being used for external users.

See Architecture Decision Record 005 - Application Authentication - for more details.

Cloud Environment

Cloud.gov is being used as the cloud environment. This platform-as-a-service (PaaS) removes almost all of the infrastructure monitoring and maintenance from the system, is already procured for OFA, and has a FedRAMP Joint Authorization Board Provisional Authority to Operate (JAB P-ATO) on file.

See Architecture Decision Record 003 - Application Hosting - for more details.

CI/CD Pipelines with CircleCI

Continuous Integration (CI)

On each git push and merge, a comprehensive list of automated checks are run: Unit tests (Jest, Linting tests (ESLint, Accessibility tests (Pa11y), and Security Scanning (OWASP ZAP). The configurations for CI are generated by .circleci/config.yml. Circle Ci workflows, jobs, and commands are separated into respective yaml files.

See Architecture Decision Record 006 - Continuous integration and TDP's CircleCi Workflows, Environment Variables, and Builds- for more details.

Continuous Deployment

The application is continuously deployed to the dev, staging, or prod environments based on the git branch the code is merged in. The configuration for different branches is maintained in .circleci/config.yml.

See Architecture Decision Record 008 - Deployment Flow - for more details.

Accessibility

TDP is developed to be (at minimum) compliant with Section 508 of the Rehabilitation Act which mandates a WCAG 2.0 AA standard. To enable a left-shifted approach to accessibility and aid the team in implementing accessible solutions, Raft maintains an Accessibility Guide to help enable those less familiar with a11y testing up and running. For additional documentation & resources regarding project accessibility, see QASP Accessibility Expectations.

Points of Contact

Position Name GitHub Username E-mail
Product Owner Lauren Frohlich @lfrohlich Lauren.Frohlich@acf.hhs.gov
Government Technical Monitor Alex Pennington @adpennington Alexandra.Pennington@acf.hhs.gov
Vendor Product Manager Rob Gendron @robgendron rgendron@teamraft.com