Commit 7d33253e authored by Mark Mishaev's avatar Mark Mishaev
Browse files

SSCS handbook: AuthZ EM @jpr0c + PM @NellyVahab, Pipeline Security acting EM @mmishaev

parent b7be2bd6
Loading
Loading
Loading
Loading
+2 −2
Original line number Diff line number Diff line
@@ -180,7 +180,7 @@ This visibility creates accountability and helps justify pushback on future requ

### Authorization

{{% team-by-manager-slug manager="ajaythomasinc" team="Engineer(.*)Software Supply Chain Security:Authorization" %}}
{{% team-by-manager-slug manager="jpr0c" team="Engineer(.*)Software Supply Chain Security:Authorization" %}}

### Compliance

@@ -188,7 +188,7 @@ This visibility creates accountability and helps justify pushback on future requ

### Pipeline Security

{{% team-by-manager-slug manager="ken.mcdonald" team="Engineer(.+)Software Supply Chain Security:Pipeline Security" %}}
{{% team-by-manager-slug manager="mmishaev" team="Engineer(.+)Software Supply Chain Security:Pipeline Security" %}}

## Stable Counterparts

+2 −2
Original line number Diff line number Diff line
@@ -119,14 +119,14 @@ The goal of the refinement process is to:
  - Is the expected functionality clearly articulated?
  - Are there dependencies? On other teams or on other issues?
- If the issue is not complete:
  - Tag `@jrandazzo` (PM) or `@ajaythomasinc` (EM), so they know that the item can not be fully groomed. They can help complete the issue and outline what is needed.
  - Tag `@NellyVahab` (PM) or `@jpr0c` (EM), so they know that the item can not be fully groomed. They can help complete the issue and outline what is needed.
- Break down the issue into tasks.
  - If the issue requires both frontend and backend work, then we can create different tasks to divide that work. This will allow different engineers to collaborate on the issue together.
  - If it’s a new or complicated feature, specify what can be delivered in the first iteration, and what can be delivered in future iterations.
- Outline an implementation plan
  - If the issue requires both frontend and backend work, define the request/response structure of API endpoints to ensure there is minimal computation in the Vue components.
  - If further research is needed to figure out the implementation plan, a spike issue can be created. We can circle back to the issue once we have the findings from the spike.
- Assign a weight using [t-shirt sizing approach](../../../../business-technology/data-team/how-we-work/planning/#t-shirt-sizing-approach), set the label `~workflow::scheduling` and tag `@ajaythomasinc` and `@jrandazzo`. If the issue has been broken down into tasks, weights can be assigned to each of the tasks.
- Assign a weight using [t-shirt sizing approach](../../../../business-technology/data-team/how-we-work/planning/#t-shirt-sizing-approach), set the label `~workflow::scheduling` and tag `@jpr0c` and `@NellyVahab`. If the issue has been broken down into tasks, weights can be assigned to each of the tasks.
- Once the next steps are clear, update the description of the issue(s) and unassign yourself.

## Links and resources {#links}
+1 −1
Original line number Diff line number Diff line
@@ -32,7 +32,7 @@ A: Time slots are fixed and coordinated globally to ensure continuous coverage a

A: Follow the standard Incident.io override process:

1. Reach out in #sscs-tier2-rotation-coordination to your reporting manager or @adil.farrukh, @ajaythomasinc and @ken.mcdonald as rotation leaders.
1. Reach out in #sscs-tier2-rotation-coordination to your reporting manager or @adil.farrukh, @jpr0c and @mmishaev as rotation leaders.
2. Coordinate with them or a team member to cover that time slot
3. Notify your manager and the team in the above Slack channel.
4. Document the override in advance (ideally 48+ hours notice for non-emergencies)
+1 −1
Original line number Diff line number Diff line
@@ -2,7 +2,7 @@
title: SSCS Tier 2 On-Call Rotation Leader
---

Welcome to the Rotation Leader role for the Software Supply Chain Security (SSCS) Tier 2 On-Call program. The starting rotation leaders for this rotation are @adil.farrukh, @ajaythomasinc and @ken.mcdonald. As a Rotation Leader, you are responsible for the health, fairness, and effectiveness of your team's on-call rotation. This guide outlines your core responsibilities and how to execute them.
Welcome to the Rotation Leader role for the Software Supply Chain Security (SSCS) Tier 2 On-Call program. The starting rotation leaders for this rotation are @adil.farrukh, @jpr0c and @mmishaev. As a Rotation Leader, you are responsible for the health, fairness, and effectiveness of your team's on-call rotation. This guide outlines your core responsibilities and how to execute them.

## Your Role and Responsibilities

+1 −1
Original line number Diff line number Diff line
@@ -9,7 +9,7 @@ title: Time Off and Holidays
Well before you take time off:

1. Check the on-call schedule in Incident.io
2. If you're scheduled during that time, tell your rotation leader ASAP. You can do so by reaching out in #sscs-tier2-rotation-coordination to your reporting manager or @adil.farrukh, @ajaythomasinc and @ken.mcdonald as rotation leaders.
2. If you're scheduled during that time, tell your rotation leader ASAP. You can do so by reaching out in #sscs-tier2-rotation-coordination to your reporting manager or @adil.farrukh, @jpr0c and @mmishaev as rotation leaders.
3. The rotation leader will either:
   - Find someone to swap with in your region
   - Create an [override](https://help.incident.io/articles/2815264840-cover-me%2C-overrides-and-schedules) (reassign that slot)