SAFe Program / SP-1444

CI/CD Workflow: Merge Request Hooks

Details

    • Enabler
    • Not Assigned
    • PI9
    • None
    • Services

      To have consistent and robust development/security/review/QA processes for ska-telescope projects, a common series of automated checks and feedback mechanisms needs to be in place, following the SKA policies and developer portal guidelines, so that projects are checked, feedback is given to developers early, and the metrics needed for analysing and reporting the quality of ska-telescope projects as a whole are collected.


      • Service should be expandable/pluggable so that it is easy to extend and configure for the checks below and for future checks
      • Feedback:
        • Integration with Merge Requests is improved so that the MR Bot only updates a single commit in event updates. This comment will have a nice visual table so that it is easy to see what is missing and which actions the developers need to take
      • Checks: How to report and how to mitigate each check is documented in the Developer Portal. Only the warnings/errors should be reported, so as not to pollute the MR comment.
        • Check if the commit messages include Jira ticket
        • Check if the MR title includes Jira Ticket
        • Check if the branch name includes Jira ticket
        • (Optional) Allow Slack notifications (and others) to be turned on by leaving a message to the bot on the MR page (i.e. @bot /notify-me, /approve, /waiver etc.)
        • Check if the MR settings are correct
        • Check that, if the commit has a tag, the necessary variables/files include the same tag value (so that correctly versioned artifacts will be produced). This check could be done the other way as well, i.e. check the artefact versions for compliance with the tag
        • Check if the MR has documentation set up correctly (integrated with RTD)
        • Check if the MR includes documentation updates
        • Check if the License file is present and correctly set up
        • Basic security checks (check if the dependencies have known security vulnerabilities etc.)
        • To be discussed:
          • Check pipeline steps (helm publish, ci-linting included or not)
          • Check best practices (move reports in after_script, Dockerfile layer config, docker-compose usages, cache usage, resources set in k8s charts etc.)
      • Configure each check with metadata so that they can be used in other scenarios as well (To be discussed)
      • Service is authenticated and secured
    • 3
    • 3
    • 4.667
    • Team_SYSTEM
    • Sprint 5

      The current version of the framework is complete, with integrated authorisation (authenticates requests from GitLab). Checks are implemented and demonstrated at 9.3.

    • 14.6
    • Stories Completed, Integrated, Demonstrated, Satisfies Acceptance Criteria, Accepted by FO

    Description

      Define automated checks and implement feedback mechanisms using the CI/CD Automation Framework (developed in SP-993) for SKA DevSecOps processes through hooks on the Merge Request.

      This system will improve:

      • MR Workflow
      • CI/CD Pipeline Workflow
      • Collection and Reporting of Necessary metrics for the defined repositories

       


              People

                m.bartolini Bartolini, Marco
                U.Yilmaz Yilmaz, Ugur

                Feature Progress

                  Story Point Burn-up: (100.00%)

                  Feature Estimate: 3.0

                  Status        Issues   Story Points
                  To Do         0        0.0
                  In Progress   0        0.0
                  Complete      10       31.0
                  Total         10       31.0
