Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add Risk Engine configuration #130

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

risk-engine-production[bot]
Copy link

Summary

This PR introduces the RiskEngineConfig.yaml file, enabling Risk Engine in your team's repository. For a deeper understanding, please visit here. While Risk Engine assumes reasonable defaults for your project, we recommend tailoring your riskEngineConfig.yaml prior to merging this PR. See the Risk Engine Config File Setup guide for assistance.

What is Risk Engine?

Risk Engine is an automated tool for risk assessment. Its design promotes responsible deployment within digital organizations without causing bureaucratic delays. Developers receive comprehensive insights about their deployments while preserving their autonomy, integrating seamlessly into existing deployment pipelines. Through comprehensive observability, consistent change management, and scalable assessments, Risk Engine aims to reduce incidents and safeguard customer experiences. More details here

What’s In It For Me?

Risk Engine streamlines deployment by auto-approving passing risk assessments, eliminating waits for Release Management approvals, and providing essential non-blocking checks missed by other CI/CD tools. Designed with modularity in mind, Risk Engine allows extensive customization and sharing of plugins across teams, ensuring risk assessments are tailored to specific needs. At it's core, Risk Engine enhances organizational reliability by detecting and informing on potential issues and leveraging deployment data to refine both the tool itself and overall deployment and reliability practices. More details here

Need Assistance?

For any questions or support related to the Risk Engine, please get in touch in our slack channel: #risk-engine-support.

@risk-engine-production
Copy link
Author

Risk Assessment results for 'feat: add Risk Engine configuration'

Source: GitHub Event - Pull Request - Opened

Assessment Details

Summary

Total Risk Threshold Summary
87% 30% Total risk is above the repository risk threshold and the repository is not yet approved for automated release.
Address risk inputs below to lower the total risk before submitting an Embargo Exception Request to Release Management to facilitate deployment.
Click here to start an Embargo Exception Request

Risk Inputs

View calculation and risk details on the Risk Engine UI

Category: Application Status

Risk analysis related to the general configuration and status of the application

Total Application Status Risk: 64

Input Risk Weight Details
🔴 Code Analysis Alerts 100% 3 Unable to assess Code Analysis Alerts - no analysis found - more...
🔴 Git Branch Protection 100% 3 Branch main is missing the following protections: Requires Approving Reviews, Requires Status Checks, Requires Code Owner Reviews, Requires Commit Signatures, Requires Strict Status Checks - more...
🔴 Innersource Health 100% 1 Repository telus/telus-standard has a public visibility - This should be set to internal to support the Innersource model - more...
See all Risk Inputs
Input Risk Weight Details
🟢 Secret Scanning Alerts 0% 3 No exposed secret scanning alerts found for this application - more...
🟢 Vulnerability Alerts 0% 1 Found 1 OPEN and 0 DISMISSED vulnerabilities on branch main - Risk from security vulnerabilities is 0% - See Alerts
🟢 Error Budget 0% 0 Availability score based on an org-wide ~100% uptime this month as of Thu, Nov 10, 6 PM EST. Improve the accuracy of this result by adding your team to the Risk Engine Config File. - more...

Category: Change Specific

Risk analysis related to the changes for the current assessment

Total Change Specific Risk: 23

Input Risk Weight Details
🔴 Changed Files 50% 3 Checked risk of changed files - Risk from files changed is 50% - Risk from missing required changes is 0%
🟢 Lines Changed 7% 2 +51 additions -0 deletions
See all Risk Inputs
Input Risk Weight Details
🟢 Semantic Commit 0% 2 Analyzed risk of Semantic Commit messages - feat: 1

Category: Additive

Risk analysis related to critical and/or external factors

Total Additive Risk: 0

See all Risk Inputs
Input Risk Details
🟢 Risk Config File Health 0% File is complete and well formed - more...
🟢 Embargo 0% No Current Embargo - Checked on: Wed, Oct 18, 11:27 PM EDT - more...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants