Release XL - Comparison to GL: Audit/Compliance
Xebia Labs Release capabilities in Release XL have some compelling functionality to address a need around compliance and audits. This issue will discuss the main areas of the audit and describe potential feature parity/combats
Auditing in XL
XL offers a Release Audit Report. There are three main report types:
- Single release - show all the information that happened in a release and additional data from tool integrations.
- Multiple releases - a .zip package containing a master report and one audit report for each of your filtered releases. * The master report is an excel file indexing all of the single release report files in a .zip package.
These reports contain data from within XL, but are also very integrated with the ecosystem of the users for example:
- Fortify on Demand
- Black Duck
- XL Deploy
An area for improvement for GL, is to add quality and compliance integration data to the Release Evidence offering
Release XL also offers integration into custom plugins:
Audit data permissions
XL allows the setting of retention periods in their tool, this might be a need to validate with GL users:
To configure the retention period for the generated reports in XL Release:
- Go to Settings > General.
- Under Release audit reports, in the Delete release audit report older than field, specify the maximum number of days the reports can be stored before automatically deleting them.
In order to use this report - an Auditor global role must be held by the user, this may be our
read_milestone permission that is added as a part of release evidence.
The actual report within XL is oriented by tabs containing various sheets of data
- Plan tab - Shows the details for Jira tasks from XL Release including the Jira ticket number.
- Build tab - Shows the details for Jenkins tasks from XL Release and accessible build URLs from Jenkins.
- Security and Compliance tab - Shows the details for the SonarQube, SonarCloud, Fortify on Demand, and BlackDuck tasks including links to the corresponding projects.
- ITSM tab - Shows the details for ServiceNow tasks from XL Release and an accessible link to the project in ServiceNow.
- Deployments tab - Shows the details for XL Deploy tasks from XL Release and an accessible link to de the deployment in XL Deploy.
A snap from the compliance sheet
Offering a richness in integration is definitely something worth investigating for quality and compliance tool sets.