Docs: Review in-flight security tutorials
Lyn was working on a series of security-related tutorials with the intention of adding them to the docs. Clayton was in the process of reviewing some of those tutorials.
As far as I know, these are the MRs that were in flight:
- Fuzz testing tutorial for Docs (!111219 - merged)
- Draft: Adding License Compliance tutorial (!110121 - closed)
- Draft: Adding openjdk8 vulnerability finding tu... (!110119 - closed)
- Created Scan Result Policy tutorial (!109930 - merged)
- Created Dependency Scanning tutorial (!109928 - merged)
- Draft: Creating Compliance Pipeline tutorial page (!109895 - closed)
-
DRAFT: Start work on vulnerability management (!103958)
- This MR originally contained all of the tutorials, which were then split out into the MRs above. This MR contains comments that are relevant to the status of the other MRs.
Proposal
@kpaizee to review each of these MRs and update this issue with their status.
After the status is determined, we can decide how to move forward with these MRs.
Update now that we have the status of each:
-
@ereadwill complete#6for the tutorials KR. -
@rdickensonwill complete#4or#5(or both) for the tutorials KR.
Evaluation results
| # | MR | Status | Notes | Group | Writer |
|---|---|---|---|---|---|
| 1 | Fuzz testing tutorial for Docs (!111219 - merged) |
|
Based on Lyn's comment, needs more drafting, technical review, and TW review. | groupdynamic analysis | @jglassman1 DONE. Tutorial: Perform fuzz testing in GitLab |
| 2 | Draft: Adding License Compliance tutorial (!110121 - closed) |
|
MR closed and tutorial paused as this feature was deprecated in 15.9. | groupcomposition analysis | CLOSE. No further action planned, License Compliance has been deprecated. |
| 3 | Draft: Adding openjdk8 vulnerability finding tu... (!110119 - closed) |
|
Based on Lyn's comment, this one was on hold as it needs more consensus. Therefore, needs more drafting, technical review, and TW review. | groupcomposition analysis |
@eread TODO. Candidate for completion as part of technical-writing#790
|
| 4 | Created Scan Result Policy tutorial (!109930 - merged) |
|
Missing step based on this comment. Otherwise, think this one has been reviewed by product, and is ready for TW review. | groupsecurity policies |
@rdickenson DONE, published as Tutorial: Set up a scan result policy
|
| 5 | Created Dependency Scanning tutorial (!109928 - merged) |
|
@mmora left some tech review notes that need to be addressed. Also unclear if this comment has been addressed. Clayton started a TW review, needs final TW review. |
groupcomposition analysis |
@rdickenson DONE. Published as Tutorial: Set up dependency scanning
|
| 6 | Draft: Creating Compliance Pipeline tutorial page (!109895 - closed) |
|
Unclear if this comment has been addressed. May need final review by by @k33g and @mmora. Clayton started a TW review, needs a final TW review. Replaced with Add tutorial for creating compliance pipelines (!115295 - merged)
|
groupcompliance |
@eread DONE, original MR replaced by !115295 (merged), published as Tutorial: Create a compliance pipeline
|
| 7 | DRAFT: Start work on vulnerability management (!103958) |
|
This appears to be an overall intro page for the tutorials. Several open threads that need to be addressed. Needs more drafting, further technical review, and TW review. | This content is not a tutorial. Will be addressed in a separate docs backlog issue: #415144 (closed) |
Edited by Kati Paizee