Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit branch protection rules #1

Open
4 tasks
ssbarnea opened this issue Sep 16, 2021 · 0 comments
Open
4 tasks

Audit branch protection rules #1

ssbarnea opened this issue Sep 16, 2021 · 0 comments
Labels
enhancement New feature or request workflows Related to processes and workflows

Comments

@ssbarnea
Copy link
Member

ssbarnea commented Sep 16, 2021
edited
Loading

As @webknjaz and I observed, we often observe repositories that have wrong or incomplete branch protection rules. This can lead to mistakes or even more dangerous security issues.

The good part is that ansible zuul is already able to automatically configure some of these permissions and it runs regularly.

Actions:

  • record all projects nurtured by devtools team in a file inside this repository
  • configure correct branch protection for each of out projects
  • send email/slack/irc notification when config is changed
  • if main zuul job cannot be used for that, we can create another pipeline on zuul or gha that does what we need
@ssbarnea ssbarnea added workflows Related to processes and workflows enhancement New feature or request labels Sep 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request workflows Related to processes and workflows
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ssbarnea