Proposal to add new FedRAMP labels to process
Purpose
This MR is proposing to add new FedRAMP scoped labels to the Vulnerability Issue that is submitted through the PO&AM Deviation Request procedure.
Due to the DR labels only being assigned on the DR issue, I am unable to quickly identify if the related vulnerability issue is going through the Deviation Request Process. The goal of this MR is to make it more transparent that a specific vulnerability issue is engaged in the DR process.
Background
This was discussed and agreed upon in a sync meeting. However, we had not come to a consensus on the naming of the labels that would be used.
What change is being made?
This MR:
- Adds an additional step (Step 1) of the workflow adding a new DR Request Open label to the vulnerability MR.
- Communicates that the product workflow label should be set to the workflowverification workflow status
- Updates the last step (Step 4) of the workflow adding a new DR Request Close label to the vulnerability MR.
Next Steps?
Please review this proposal and make suggestions or recommendations for improvements if needed
cc @joshlambert @jritchey @Julia.Lake @connorgilbert @corey-oas @clefelhocz1 @cdu1 @ankelly @JohnathanHunt