From 3f73c3c7312e9b62a3eee1697d1e217f1bd647dc Mon Sep 17 00:00:00 2001 From: Filip Cirtog Date: Thu, 15 Aug 2024 17:23:47 +0100 Subject: [PATCH] Delete docs/releases/v2.8.2/sdlc-compliance.md --- docs/releases/v2.8.2/sdlc-compliance.md | 45 ------------------------- 1 file changed, 45 deletions(-) delete mode 100644 docs/releases/v2.8.2/sdlc-compliance.md diff --git a/docs/releases/v2.8.2/sdlc-compliance.md b/docs/releases/v2.8.2/sdlc-compliance.md deleted file mode 100644 index 91ba7d5ab7..0000000000 --- a/docs/releases/v2.8.2/sdlc-compliance.md +++ /dev/null @@ -1,45 +0,0 @@ -SSDLC Compliance Report: Atlas Kubernetes Operator Manager v2.8.2 -================================================================= - -- Release Creators: filip_as@yahoo.com -- Created On: 2024-08-14 - -Overview: - -- **Product and Release Name** - - - Atlas Kubernetes Operator v2.8.2, 2024-08-14. - -- **Process Document** - - http://go/how-we-develop-software-doc - -- **Tool used to track third party vulnerabilities** - - [Silk](https://www.silk.security/) - -- **Dependency Information** - - See SBOMS Lite manifests (CycloneDX in JSON format) for `Intel` and `ARM` are to be found [here](.) - - See [instructions on how the SBOMs are generated or how to generate them manually](../../dev/image-sboms.md) - -- **Static Analysis Report** - - No SAST findings. Our CI system blocks merges on any SAST findings. - - No vulnerabilities were ignored for this release. - -- **Release Signature Report** - - Image signatures enforced by CI pipeline. - - See [Signature verification instructions here](../../dev/signed-images.md) - - Self-verification shortcut: - ```shell - make verify IMG=mongodb/mongodb-atlas-kubernetes-operator:2.8.2 SIGNATURE_REPO=mongodb/signatures - ``` - -- **Security Testing Report** - - Available as needed from Cloud Security. - -- **Security Assessment Report** - - Available as needed from Cloud Security. - -Assumptions and attestations: - -- Internal processes are used to ensure CVEs are identified and mitigated within SLAs. - -- All Operator images are signed by MongoDB, with signatures stored at `docker.io/mongodb/signatures`.