Uploaded image for project: 'OpenStack Strategy'
  1. OpenStack Strategy
  2. RHOSSTRAT-702

ESS/SOA for Software Factory/Zuul

XMLWordPrintable

    • Icon: Initiative Initiative
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • None
    • internal
    • None
    • Yellow
    • True
    • False
    • Hide

      None

      Show
      None
    • 0
    • rhos-product-pcinfra

      Initiative Overview

      For all "pipelines" that are involved in the development of product code, a Security Operating Approval (SOA) is required. This involved atesting to several questions included in the Enterprise Security Standard (ESS). Because Zuul and Software Factory are integrated into the OpenStack production chain, it needs to have a Fully approved SOA.

      Goals

      Achieve a 'Full SOA' for ZUUL-001.

      Done

      • All ESS controls are compliant or determined to be 'Not Applicable' and have been reviewed by the ESS assessors.
      • Any remediations have been completed and accepted by the ESS assessors.
      • All required diagrams, policies, and procedures are provided in the SOA and made easily available to anyone else of the team.
      • ZUUL-001 has a 'Full SOA'.

      Out of Scope

      • CMDB IDs that are not ZUUL-001
      • Fixes or enhancements that are not driven from ESS controls.

              jjoyce@redhat.com Jason Joyce
              rhn-engineering-mburns Mike Burns
              Mike Burns Mike Burns
              rhos-product-pcinfra
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: