<!-- Please review https://about.gitlab.com/handbook/engineering/infrastructure/change-management/ for the most recent information on our change plans and execution policies. --> # Production Change ### Change Summary This is a retroactive & informational change management issue to cover production use of Wiz.io, an external SaaS vulnerability scanner. Wiz was [evaluated](https://gitlab.com/gitlab-com/gl-security/threatmanagement/general/-/issues/19) late last year, and in order to provide an accurate comparison between then current vulnerability scanner Tenable.io and Wiz, [scoped access per this linked AR](https://gitlab.com/gitlab-com/team-member-epics/access-requests/-/issues/24237) was provisioned to production and staging GCP environments. Wiz has progressed [somewhat organically](https://gitlab.com/gitlab-com/gl-security/threatmanagement/general/-/issues/20 to production usage) now that our Tenable.io license has expired, however a change management issue was not raised prior to that happening due to a lack of awareness of this procedure. I'm raising this issue therefore to communicate the usage and production nature of Wiz.io to all team members involved in the change management procedure, but especially to make sure there is broad awareness of this tooling within infrastructure teams, and as part of the [readiness review](https://gitlab.com/gitlab-com/gl-infra/readiness/-/issues/95) I have also raised and have been working on retroactively. ### Change Details 1. **Services Impacted** - GCP, AWS 1. **Change Technician** - <!-- woodhouse: '`@{{ .Username }}`' -->{+ DRI for the execution of this change +} 1. **Change Reviewer** - <!-- woodhouse: '@{{ .Reviewer }}' -->{+ DRI for the review of this change +} 1. **Time tracking** - 0 minutes 1. **Downtime Component** - N/A ### Set Maintenance Mode in GitLab If your change involves scheduled maintenance, add a step to set and [unset maintenance mode](https://gitlab.com/gitlab-com/runbooks/-/blob/master/docs/monitoring/set_maintenance_window.md) per our runbooks. This will make sure [SLA calculations adjust](https://gitlab.com/gitlab-com/runbooks/-/merge_requests/5887) for the maintenance period. ## Detailed steps for the change ### Change Steps - steps to take to execute the change *Estimated Time to Complete (mins)* - 0 minutes - N/A as change is informational ## Rollback ### Rollback steps - steps to be taken in the event of a need to rollback this change *Estimated Time to Complete (mins)* - 0 minutes - N/A as change is informational ## Monitoring ### Key metrics to observe <!-- * Describe which dashboards and which specific metrics we should be monitoring related to this change using the format below. --> - Metric: N/A - Location: N/A, as Wiz.io is external SaaS - What changes to this metric should prompt a rollback: N/A, as Wiz.io is external SaaS ## Change Reviewer checklist <!-- To be filled out by the reviewer. --> ~C4 ~C3 ~C2 ~C1: - [ ] Check if the following applies: - The **scheduled day and time** of execution of the change is appropriate. - The [change plan](#detailed-steps-for-the-change) is technically accurate. - The change plan includes **estimated timing values** based on previous testing. - The change plan includes a viable [rollback plan](#rollback). - The specified [metrics/monitoring dashboards](#key-metrics-to-observe) provide sufficient visibility for the change. ~C2 ~C1: - [ ] Check if the following applies: - The complexity of the plan is appropriate for the corresponding risk of the change. (i.e. the plan contains clear details). - The change plan includes success measures for all steps/milestones during the execution. - The change adequately minimizes risk within the environment/service. - The performance implications of executing the change are well-understood and documented. - The specified metrics/monitoring dashboards provide sufficient visibility for the change. - If not, is it possible (or necessary) to make changes to observability platforms for added visibility? - The change has a primary and secondary SRE with knowledge of the details available during the change window. - The change window has been agreed with Release Managers in advance of the change. If the change is planned for APAC hours, this issue has an agreed pre-change approval. - The labels ~"blocks deployments" and/or ~"blocks feature-flags" are applied as necessary. ## Change Technician checklist <!-- To find out who is on-call, in #production channel run: /chatops run oncall production. --> - [ ] Check if all items below are complete: - The [change plan](#detailed-steps-for-the-change) is technically accurate. - This Change Issue is linked to the appropriate Issue and/or Epic - Change has been tested in staging and results noted in a comment on this issue. - A dry-run has been conducted and results noted in a comment on this issue. - The change execution window respects the [Production Change Lock periods](https://about.gitlab.com/handbook/engineering/infrastructure/change-management/#production-change-lock-pcl). - For ~C1 and ~C2 change issues, the change event is added to the [GitLab Production](https://calendar.google.com/calendar/embed?src=gitlab.com_si2ach70eb1j65cnu040m3alq0%40group.calendar.google.com) calendar. - For ~C1 and ~C2 change issues, the SRE on-call has been informed prior to change being rolled out. (In #production channel, mention `@sre-oncall` and this issue and await their acknowledgement.) - For ~C1 and ~C2 change issues, the SRE on-call provided approval with the ~eoc_approved label on the issue. - For ~C1 and ~C2 change issues, the Infrastructure Manager provided approval with the ~manager_approved label on the issue. - Release managers have been informed prior to any C1, C2, or ~"blocks deployments" change being rolled out. (In #production channel, mention `@release-managers` and this issue and await their acknowledgment.) - There are currently no [active incidents](https://gitlab.com/gitlab-com/gl-infra/production/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=Incident%3A%3AActive) that are ~severity::1 or ~severity::2 - If the change involves doing maintenance on a database host, an appropriate silence targeting the host(s) should be added for the duration of the change.