Add DevSecOpsApp code with updated Jenkins pipeline for multi-environment deployment

PR_DESCRIPTION.md

@@ -0,0 +1,46 @@
+# 🔒 Feature: Enhanced TruffleHog Secret Detection Testing
+
+## Purpose
+This feature branch contains **intentional test secrets** to validate our enhanced TruffleHog configuration and ensure proper secret detection in our DevSecOps CI/CD pipeline.
+
+## Changes Made
+- ✅ Added comprehensive test secrets to `backend/server.js`:
+  - AWS Access Key & Secret Access Key
+  - GitHub Personal Access Token
+  - Database Password
+  - JWT Secret Key
+  - Stripe Secret Key
+  - SendGrid API Key
+  - Slack Webhook URL
+  - MongoDB Connection String
+
+## Expected DevSecOps Pipeline Behavior
+🚨 **This PR should FAIL the Jenkins build** due to secret detection:
+
+1. **Jenkins Pipeline Trigger**: PR creation should trigger multibranch pipeline
+2. **Secret Scan Stage**: TruffleHog should scan local workspace (`trufflehog filesystem . --fail`)
+3. **Multiple Secret Detection**: Should detect 8+ different types of secrets
+4. **Build Failure**: Pipeline should fail at "Secret Scan" stage
+5. **Security Gate**: PR should be blocked from merging
+
+## DevSecOps Learning Objectives
+This feature validates our security controls:
+- ✅ Local workspace scanning (vs remote GitHub scanning)
+- ✅ Multiple secret pattern detection
+- ✅ CI/CD security gate enforcement
+- ✅ Automated security failure notifications
+
+## Merge Strategy
+**Target Branch**: `development`
+
+## Post-Validation Steps
+After confirming TruffleHog detection works:
+1. Remove all test secrets from `server.js`
+2. Update PR to pass security scan
+3. Merge clean code into development
+4. Document security scanning success
+
+---
+**⚠️ SECURITY WARNING: This PR contains test secrets and should NOT be merged until all secrets are removed!**
+
+**📚 DevSecOps Learning**: This demonstrates "shift-left" security practices by catching secrets early in the development cycle.