Merge branch 'develop' into 2133-tribe-discoverability

raft-tech · Jun 11, 2024 · 2654f3c · 2654f3c
2 parents 14555bb + 9f2b277
commit 2654f3c
Show file tree

Hide file tree

Showing 45 changed files with 902 additions and 602 deletions.
diff --git a/docs/Security-Compliance/File-Transfer-TDRS/README.md b/docs/Security-Compliance/File-Transfer-TDRS/README.md
diff --git a/docs/Security-Compliance/File-Transfer-TDRS/diagram.drawio b/docs/Security-Compliance/File-Transfer-TDRS/diagram.drawio
diff --git a/docs/Security-Compliance/File-Transfer-TDRS/diagram.png b/docs/Security-Compliance/File-Transfer-TDRS/diagram.png
diff --git a/...ation/Architecture-Decision-Record/004-configuration-by-environment-variable.md b/...ation/Architecture-Decision-Record/004-configuration-by-environment-variable.md
@@ -9,9 +9,11 @@ Accepted
 
 Applications need to be configured differently depending on where they are running. For example, the backend running locally will have different configuration then the backend running in production.
 
+Further, environment variables can be designated "secret" or not; the term "secret key" is often used in place of secret environment variables. Secret keys are sometimes (but not always) shared between different deployment environments, which makes it useful to have a central "single source of truth" where a secret key can be kept and copied out to different environments. CircleCI solves this use case for us, allowing secret keys to be managed by the project's Environment Variables, and accessed in the deployment process to write to cloud.gov applications.
+
 ## Decision
 
-We will use environment variables to configure applications.
+We will use environment variables to configure applications. We will use Environment Variables in CircleCI to store and manage secret keys.
 
 ## Consequences
 

diff --git a/docs/Technical-Documentation/secret-key-rotation-steps.md b/docs/Technical-Documentation/secret-key-rotation-steps.md
@@ -6,7 +6,6 @@ To maintain good security, we will periodically rotate the following secret keys
 - CF deployer keys (_for continuous delivery_)
 - JWT keys (_external user auth_)
 - ACF AMS keys (_internal user auth_)
-- ACF Titan server keys (_for file transfers between TDP and TDRS_)
 - Django secret keys ([_cryptographic signing_](https://docs.djangoproject.com/en/4.0/topics/signing/#module-django.core.signing))
 
 This document outlines the process for doing this for each set of keys. 
@@ -154,61 +153,6 @@ Service requests tickets must be submitted by Government-authorized personnel wi
 2. Update environment variables in CircleCI and relevant cloud.gov backend applications after ticket completed by OCIO. [Restage applications](https://cloud.gov/docs/deployment/app-maintenance/#restaging-your-app).
 </details>
 
-**<details><summary>ACF Titan Server Keys</summary>**
-The ACF OCIO Ops team manages these credentials for all environments (dev, staging, and prod), so we will need to submit a service request ticket whenever we need keys rotated. 
-
-Service requests tickets must be submitted by Government-authorized personnel with Government computers and PIV access (e.g. Raft tech lead for lower environments and TDP sys admins for production environment). Please follow the procedures below:
-
-1. Generate new public/private key pair
-
-Below is an example of how to generate new titan public/private key pair from _Git BASH for Windows_. Two files called `filename_where_newtitan_keypair_saved` are created: one is the _private_ key and the other is a _public_ key (the latter is saved with a _.pub_ extention).
-(note: the info below is not associated with any real keys)
-
-```
-$ ssh-keygen -t rsa -b 4096
-Generating public/private rsa key pair.
-
-Enter file in which to save the key (/c/Users/username/.ssh/id_rsa): filename_where_newtitan_keypair_saved
-
-Enter passphrase (empty for no passphrase):
-
-Enter same passphrase again:
-
-Your identification has been saved in filename_where_newtitan_keypair_saved
-
-Your public key has been saved in filename_where_newtitan_keypair_saved.pub
-
-The key fingerprint is:
-SHA256:BY6Nl0hCjIrI9yZMBGH2vbDFLCTq2DsFQXQTmLydwjI 
-
-The key's randomart image is:
-+---[RSA 4096]----+
-| X*B*.. .        |
-|+ O+=+ * o       |
-|=oo* *+ = .      |
-|Eo++B .. .       |
-|.+=oo.  S        |
-|   = o           |
-|  o o            |
-|   .             |
-|                 |
-+----[SHA256]-----+
-```
-
-2. Submit request tickets from government-issued email address and use the email template located on **page 2** of [this document.](https://hhsgov.sharepoint.com/:w:/r/sites/TANFDataPortalOFA/Shared%20Documents/compliance/Authentication%20%26%20Authorization/ACF%20AMS%20docs/OCIO%20OPERATIONS%20REQUEST%20TEMPLATES.docx?d=w5332585c1ecf49a4aeda17674f687154&csf=1&web=1&e=aQyIPz) cc OFA tech lead on lower environment requests. 
-
-The request should include:
-- the titan service account name (i.e. `tanfdp` for prod; `tanfdpdev` for dev/staging) 
-- the newly generated public key from `filename_where_newtitan_keypair_saved.pub`
-
-3. When OCIO confirms that the change has been made, add the private key from `filename_where_newtitan_keypair_saved` to CircleCI as an environment variable. The variable name is `ACFTITAN_KEY`. **Please note**: the value needs must be edited before adding to CircleCI. It should be a one-line string with underscores ("_") replacing the spaces at the end of every line. See example below:
-
-```
------BEGIN OPENSSH PRIVATE KEY-----_somehashvalue_-----END OPENSSH PRIVATE KEY-----
-```
-
-4. Re-run the deployment workflow from CircleCI and confirm that the updated key value pair has been added to the relevant cloud.gov backend application.
-</details>
 
 **<details><summary>Django secret keys</summary>**
 

diff --git a/product-updates/img/error-reports/click-file-name-download.png b/product-updates/img/error-reports/click-file-name-download.png
diff --git a/product-updates/img/error-reports/error-report.png b/product-updates/img/error-reports/error-report.png
diff --git a/product-updates/img/error-reports/flatfile.png b/product-updates/img/error-reports/flatfile.png
diff --git a/product-updates/img/getting-started/data-submitted.png b/product-updates/img/getting-started/data-submitted.png
diff --git a/product-updates/knowledge-center/about-email-notifications.html b/product-updates/knowledge-center/about-email-notifications.html
@@ -187,6 +187,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -251,6 +255,10 @@
             <a href="view-submission-history.html">Viewing Submission History</a>
             </li>
 
+            <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
             <li class="usa-sidenav__item">
             <a href="complete-resubmissions.html">Resubmitting Complete Data Files</a>
             </li>
@@ -316,11 +324,13 @@ <h2 class="usa-process-list__heading">Access Request Status</h2>
           <li class="usa-process-list__item">
             <h2 class="usa-process-list__heading">Data Submitted by Section</h2>
             <p>
-              Upon successful submission of your data files you will also receive an email confirmation for each section from <em>[email protected]</em>.
+              When data files you've submitted have been processed by the system you will also receive an email confirmation for each section from <em>[email protected]</em>.
                 <br>
               <a href="../img/getting-started/data-submitted.png" data-lity data-lity-desc="Data Submitted by Section">
               <img src="../img/getting-started/data-submitted.png" alt="Data Submitted by Section">
               </a>
+
+              These emails will also highlight whether or not the system found errors in your data. Note that OFA may still reach out to you via email with additional feedback on your data even if TDP detected no errors. <a href="viewing-error-reports.html">Read more about error reports</a>.
             </p>
           </li>
 

diff --git a/product-updates/knowledge-center/complete-resubmissions.html b/product-updates/knowledge-center/complete-resubmissions.html
@@ -189,6 +189,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="complete-resubmissions.html" class="usa-current" aria-current="page">Resubmitting Complete Data Files</a>
         </li>
@@ -253,6 +257,10 @@
               <a href="view-submission-history.html">Viewing Submission History</a>
               </li>
 
+              <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
               <a href="complete-resubmissions.html" class="usa-current" aria-current="page">Resubmitting Complete Data Files</a>
               </li>

diff --git a/product-updates/knowledge-center/create-new-login.html b/product-updates/knowledge-center/create-new-login.html
@@ -189,6 +189,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -252,6 +256,10 @@
           <a href="view-submission-history.html">Viewing Submission History</a>
           </li>
 
+          <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
           <li class="usa-sidenav__item">
           <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
           </li>

diff --git a/product-updates/knowledge-center/existing-login.html b/product-updates/knowledge-center/existing-login.html
@@ -185,6 +185,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -250,6 +254,10 @@
             <a href="view-submission-history.html">Viewing Submission History</a>
             </li>
 
+            <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
             <li class="usa-sidenav__item">
             <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
             </li>

diff --git a/product-updates/knowledge-center/exporting-complete-data-using-ftanf.html b/product-updates/knowledge-center/exporting-complete-data-using-ftanf.html
@@ -188,10 +188,16 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
 
+
+
         <li class="usa-sidenav__item">
         <a href="./exporting-complete-data-using-ftanf.html"class="usa-current" aria-current="page">Exporting Complete Data Using FTANF</a>
         </li>
@@ -252,6 +258,10 @@
               <a href="view-submission-history.html">Viewing Submission History</a>
               </li>
 
+              <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
               <a href="complete-resubmissions.html">Resubmitting Complete Data Files</a>
               </li>

diff --git a/product-updates/knowledge-center/faq.html b/product-updates/knowledge-center/faq.html
@@ -171,6 +171,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -236,6 +240,10 @@
               <a href="view-submission-history.html">Viewing Submission History</a>
               </li>
 
+              <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
               <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
               </li>

diff --git a/product-updates/knowledge-center/give-feedback.html b/product-updates/knowledge-center/give-feedback.html
@@ -199,6 +199,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -264,6 +268,10 @@
           <a href="view-submission-history.html">Viewing Submission History</a>
           </li>
 
+          <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
           <li class="usa-sidenav__item">
           <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
           </li>

diff --git a/product-updates/knowledge-center/index.html b/product-updates/knowledge-center/index.html
@@ -171,6 +171,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -238,6 +242,10 @@
               <a href="view-submission-history.html">Viewing Submission History</a>
               </li>
 
+              <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
               <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
               </li>

diff --git a/product-updates/knowledge-center/managing-your-account.html b/product-updates/knowledge-center/managing-your-account.html
@@ -175,6 +175,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -241,6 +245,10 @@
               <a href="view-submission-history.html">Viewing Submission History</a>
               </li>
 
+              <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
               <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
               </li>

diff --git a/product-updates/knowledge-center/uploading-data.html b/product-updates/knowledge-center/uploading-data.html
@@ -176,6 +176,10 @@
         <a href="view-submission-history.html">Viewing Submission History</a>
         </li>
 
+        <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
         <li class="usa-sidenav__item">
         <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
         </li>
@@ -242,6 +246,10 @@
                 <a href="./view-submission-history.html">Viewing Submission History</a>
                 </li>
 
+                <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
                   <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
               </li>

diff --git a/product-updates/knowledge-center/view-submission-history.html b/product-updates/knowledge-center/view-submission-history.html
@@ -189,6 +189,10 @@
           <a href="./view-submission-history.html" class="usa-current" aria-current="page">Viewing Submission History</a>
           </li>
 
+          <li class="usa-sidenav__item">
+          <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+          </li>
+
           <li class="usa-sidenav__item">
           <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
           </li>
@@ -256,6 +260,10 @@
                 <a href="./view-submission-history.html" class="usa-current" aria-current="page">Viewing Submission History</a>
                 </li>
 
+                 <li class="usa-sidenav__item">
+                <a href="./viewing-error-reports.html">Understanding Error Reports and File Structure</a>
+              </li>
+
               <li class="usa-sidenav__item">
                 <a href="./complete-resubmissions.html">Resubmitting Complete Data Files</a>
               </li>
@@ -449,7 +457,7 @@ <h2>Understanding File Statuses and Aggregate Data</h2>
     <tr>
       <th scope="row">Total Errors</th>
       <td>
-        Since section 3 and 4 data contain aggregate values in one record (rather than case data with many records), TDP can only provide the total number of errors detected in the record. Errors here likely relate to values outside those defined in the <a href="">TANF/SSP Coding Instructions</a> or <a href="">Tribal TANF Coding Instructions</a> and/or inconsistencies in the values between related elements for a given reporting month. 
+        Since section 3 and 4 data contain aggregate values in one record (rather than case data with many records), TDP can only provide the total number of errors detected in the record. Errors here likely relate to values outside those defined in the <a href="https://www.acf.hhs.gov/ofa/policy-guidance/acf-ofa-pi-23-04">TANF/SSP Coding Instructions</a> or <a href="https://www.acf.hhs.gov/ofa/policy-guidance/tribal-tanf-data-coding-instructions">Tribal TANF Coding Instructions</a> and/or inconsistencies in the values between related elements for a given reporting month. 
       </td>
 
     </tr>