Alis Akers
Alis Akers
# DEVOPS PULL REQUEST ## Related Issue - resolves #7560 ## Changes Proposed - Update azurerm provider version to `3.100.0` - Update function app to use node version `20` -...
Review the Snyk/Dependabot/Sonar reports, and resolve any High and Critical items that can be addressed.
Initiating a Fortify scan is a cumbersome manual process, but CDCGov has a way to run this scan and submit results from a GitHub pipeline.
# PULL REQUEST ## Summary - Adds a new deploy workflow that gets a tag, builds and pushes docker images and calls octopus for release and deployments. - Some GH...
### Background Per warnings found in the most recent executions of `tfsec`, the Aqua team has shifted their focus to Trivy. `tfsec` will continue to be available, but it is...
The med sev results from our repo code scanning need further investigation before resolution. - [79](https://github.com/CDCgov/prime-simplereport/security/code-scanning/79) - [83](https://github.com/CDCgov/prime-simplereport/security/code-scanning/79) Acceptance criteria options: - Resolve the issues by refactoring the impacted code...
Context: https://github.com/CDCgov/prime-simplereport/pull/3730/files WAF rule gets triggered for our whoami function. We'd like to update this so that we don't need to use a rule override.