Up-level Encryption Policy
Why is this change being made?
Up-level the encryption policy and move the old policy to the internal handbook as the new encryption standard.
Author and Reviewer Checklist
Please verify the check list and ensure to tick them off before the MR is merged.
-
Provided a concise title for this Merge Request (MR) -
Added a description to this MR explaining the reasons for the proposed change, per say why, not just what - Copy/paste the Slack conversation to document it for later, or upload screenshots. Verify that no confidential data is added, and the content is SAFE
-
Assign reviewers for this MR to the correct Directly Responsible Individual/s (DRI) - If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the
Maintained bysection on the page being edited - If your manager does not have merge rights, please ask someone to merge it AFTER it has been approved by your manager in #mr-buddies
- The when to get approval handbook section explains the workflow in more detail
- If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the
-
For transparency, share this MR with the audience that will be impacted. -
Team: For changes that affect your direct team, share in your group Slack channel -
Department: If the update affects your department, share the MR in your department Slack channel -
Division: If the update affects your division, share the MR in your division Slack channel -
Company: If the update affects all (or the majority of) GitLab team members, post an update in #whats-happening-at-gitlab linking to this MR - For high-priority company-wide announcements work with the internal communications team to post the update in #company-fyi and align on a plan to circulate in additional channels like the "While You Were Iterating" Newsletter
-
Commits
- Update file encryption-policy.md
Merge request reports
Activity
added HandbookContent label
assigned to @jlongo_gitlab
Using combined codequality.json
One of the linters has reported errors and as a result the pipeline has failed. Once the pipeline completes, you'll find the code quality report above which can link you to where the error is in your code. Additionally, below you'll find a table of the errors. The table has links to the lint rules so you can find more information on how to fix the issue(s).
Rule File Line Error CODEOWNERS ./content/handbook/security/product-security/vulnerability-management/encryption-policy.md 1 The file ./content/handbook/security/product-security/vulnerability-management/encryption-policy.mdis listed as a controlled document in CODEOWNERS but is missing the front matter to mark it as a controlled documentCODEOWNERS ./content/handbook/security/product-security/vulnerability-management/encryption-policy.md 1 The file ./content/handbook/security/product-security/vulnerability-management/encryption-policy.mdis listed as a controlled document in CODEOWNERS but is missing the front matter to mark it as a controlled documentIf you need more help please reach out on Slack in #mr-buddies.
When you are ready for this MR to be reviewed please tag
@gitlab-com/office-of-the-ceoas it modifies a.gitlab/CODEOWNERSthat they maintain.This message was generated automatically. You're welcome to improve it.
added Office of the CEO label
Using combined codequality.json
One of the linters has reported errors and as a result the pipeline has failed. Once the pipeline completes, you'll find the code quality report above which can link you to where the error is in your code. Additionally, below you'll find a table of the errors. The table has links to the lint rules so you can find more information on how to fix the issue(s).
Rule File Line Error CODEOWNERS ./content/handbook/security/product-security/vulnerability-management/encryption-policy.md 1 The file ./content/handbook/security/product-security/vulnerability-management/encryption-policy.mdis listed as a controlled document in CODEOWNERS but is missing the front matter to mark it as a controlled documentIf you need more help please reach out on Slack in #mr-buddies.
Resolved by Joseph Longo@gitlab-com/office-of-the-ceo Can someone take a look at this when they have a moment, please. I don't understand why it's still showing lint errors for the policy in the CODEOWNERS file when it was already removed.
- Last reply by Liz Coleman
Using combined codequality.json
One of the linters has reported errors and as a result the pipeline has failed. Once the pipeline completes, you'll find the code quality report above which can link you to where the error is in your code. Additionally, below you'll find a table of the errors. The table has links to the lint rules so you can find more information on how to fix the issue(s).
Rule File Line Error CODEOWNERS content/handbook/security/product-security/vulnerability-management/closing-issues.md 3 The file content/handbook/security/product-security/vulnerability-management/closing-issues.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/what-is-a-vulnerability.md 3 The file content/handbook/security/product-security/vulnerability-management/what-is-a-vulnerability.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/development-labels.md 4 The file content/handbook/security/product-security/vulnerability-management/development-labels.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/labels.md 3 The file content/handbook/security/product-security/vulnerability-management/labels.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/incident-response-guidance.md 4 The file content/handbook/security/product-security/vulnerability-management/incident-response-guidance.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/runbooks/so-you-have-a-vulnerability-finding.md 4 The file content/handbook/security/product-security/vulnerability-management/runbooks/so-you-have-a-vulnerability-finding.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/runbooks/fixing-vulnerabilities.md 4 The file content/handbook/security/product-security/vulnerability-management/runbooks/fixing-vulnerabilities.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/vulnerability-management-team/_index.md 3 The file content/handbook/security/product-security/vulnerability-management/vulnerability-management-team/_index.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/why-should-we-fix-vulnerabilities.md 3 The file content/handbook/security/product-security/vulnerability-management/why-should-we-fix-vulnerabilities.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/automation.md 3 The file content/handbook/security/product-security/vulnerability-management/automation.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/Infrastructure-vulnerability-procedure.md 3 The file content/handbook/security/product-security/vulnerability-management/Infrastructure-vulnerability-procedure.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/sla-exceptions.md 3 The file content/handbook/security/product-security/vulnerability-management/sla-exceptions.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/sla.md 3 The file content/handbook/security/product-security/vulnerability-management/sla.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/lifecycle.md 3 The file content/handbook/security/product-security/vulnerability-management/lifecycle.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileCODEOWNERS content/handbook/security/product-security/vulnerability-management/what-does-fixed-mean.md 3 The file content/handbook/security/product-security/vulnerability-management/what-does-fixed-mean.mdhas identified itself as a controlled document in the front matter but is missing an entry in the CODEOWNERS fileIf you need more help please reach out on Slack in #mr-buddies.
-
@juliedavila @estrike Heads up that I have up-leveled the public encryption policy based on what was in the previous policy, and moved the previous policy, which is more akin to a standard, here
Edited by Joseph Longo -
@gitlab-com/office-of-the-ceo Can you please approve the CODEOWNER changes.
added this merge request to the merge train at position 2
mentioned in commit 77285c59
