Temporary Assistance for Needy Families (TANF) Data Portal - TDP

	Raft-Tech(raft-tdp-main)	HHS(main)
Build
Security Frontend
Security Backend
Frontend Coverage
Backend Coverage

Due to limitations imposed by Github and occasional slow server response times, some badges may require a page refresh to load.

Office of Family Assistance (OFA) & Temporary Assistance for Needy Families (TANF) Data Portal.

Welcome to the home of the TANF Data Portal (TDP), a new software development project from the Office of Family Assistance (OFA), an office within the Administration for Children Families (ACF).

What We're Building and Why

• Product planning page includes latest information on our product mission, goals, roadmap, and backlog.

Getting Started

Running the Application locally

Both the frontend (http://localhost:3000) and the backend (http://localhost:8080) applications run within Docker. Instructions for running these containers are below:

$ cd tdrs-frontend && docker-compose up -d
$ cd tdrs-backend && docker-compose up -d 

After the above commands there will be a total of 5 running containers

CONTAINER ID        IMAGE                        COMMAND                  CREATED             STATUS                            PORTS                    NAMES
c803336c1f61        tdp                          "bash -c 'python wai…"   3 seconds ago       Up 3 seconds                      0.0.0.0:8080->8080/tcp   tdrs-backend_web_1
20912a347e00        postgres:11.6                "docker-entrypoint.s…"   4 seconds ago       Up 3 seconds                      5432/tcp                 tdrs-backend_postgres_1
9c3e6c2a88b0        owasp/zap2docker-weekly      "sleep 3600"             4 seconds ago       Up 3 seconds (health: starting)                            tdrs-backend_zaproxy_1
7fa018dc68d1        owasp/zap2docker-stable      "sleep 3600"             41 seconds ago      Up 40 seconds (unhealthy)         0.0.0.0:8090->8090/tcp   zap-scan
63f6da197629        tdrs-frontend_tdp-frontend   "/docker-entrypoint.…"   41 seconds ago      Up 40 seconds                     0.0.0.0:3000->80/tcp     tdp-ui

Below is a GIF of both the frontend and backend running locally

Detailed instructions for running unit and end-to-end integration testing on frontend and backend are available below

• Frontend
• Backend

Infrastructure

TDP Uses Infrastructure as Code (IaC) and DevSecOps automation

Authentication

Login.gov TDP requires strong multi-factor authentication for the states, tribes, and territories and Personal Identity Verification (PIV) authentication for OFA staff. Login.gov is being used to meet both of these requirements.

Cloud Environment

Cloud.gov is being used as the cloud environment. This platform-as-a-service (PaaS) removes almost all of the infrastructure monitoring and maintenance from the system, is already procured for OFA, and has a FedRAMP Joint Authorization Board Provisional Authority to Operate (JAB P-ATO) on file.

CI/CD Pipelines with CircleCI

Continuous Integration (CI)

On each git push and merge, a comprehensive list of automated checks are run: Unit tests (Jest, Cypress), Integration tests (Cypress), Linting tests (ESLint and Black), Accessibility tests (Pa11y), and Security Scanning (OWASP ZAP). The configurations for CI are kept in .circleci/config.yml.

Continuous Deployment

The application is continuously deployed to the dev, staging, or prod environments based on the git branch the code is merged in. The configuration for different branches is maintained in .circleci/config.yml. The application is deployed to the following environments: