Update Secure reporting to provide correct SMAU data
Problem to solve
Usage ping today reports several values related to devopssecure and reports the highest value of all of them to represent SMAU. This means that we get an incomplete picture of who is actually using the product and a less-than-accurate SMAU value.
Intended users
Proposal
- Update the existing usage ping to report the number of unique users who used one or more of the Secure scanners and use that as Secure SMAU.
- Clarification: If a user uses 2 Secure scanners, they should only be reported one time, not twice for the Secure SMAU.
- Update the SMAU dashboard to use the new value.
This follow the original proposal for Secure SMAU.
Some pseudo-code for how the proposal could be implemented:
def secure_smau():
scanner_list = [SAST, DAST, Container Scanning, Dependency Scanning, License Scanning, License Management]
user_list = set()
for scanner in scanner_list:
for individual_job in job_logs_by_type[scanner]:
user_list.add(individual_job.user)
return len(user_list)
Further details
Today we collect the following with usage ping:
container_scanning_jobs
dast_jobs
dependency_scanning_jobs
license_management_jobs
license_scanning_jobs
sast_jobs
These all are the number of distinct users who have run a job of that type.