Document the full CI/CD permissions model in one place
Description
CI/CD security is something that has been really improved in the latest releases, and we are continuing on this path. Unfortunately, documentation is sparse and there is no single place where all the considerations can be found.
Also, we still miss some good examples and scenarios on how to use the security features we have to implement a secure process (test, merge, deploy), as it may not be so obvious to everyone.
Proposal
This is a possible plan to implement in order to give visibility to CI/CD security in documentation:
- Create a single page in the docs that contains all the information related to CI/CD security topics
- Make examples and best practices on how to apply security, with use cases from common scenarios
- Blog about CI/CD security to make people aware of the importance of it
Links / references
- Security/permissions of CD: #21911 (closed)
Documentation blurb
Overview
What is it? Why should someone use this feature? What is the underlying (business) problem? How do you use this feature?
Use cases
Who is this for? Provide one or more use cases.
Feature checklist
Make sure these are completed before closing the issue, with a link to the relevant commit.
- Feature assurance
- Documentation
- Added to features.yml