doc: Add Sec Analyzer Automated Flows blueprint
What does this MR do and why?
Adds draft blueprint for Sec Analyzers Automated Flows, see #368284 (closed)
This initial draft covers the primary challenges and goals. With further iterations we'll cover category boundarie and timelines
- DIY its-a-markdown-file review app: https://gitlab.com/gitlab-org/gitlab/-/blob/add-sec-analyzer-automated-flows-blueprint/doc/architecture/blueprints/sec_analyzer_automated_flows/index.md
- Per Evolutionary Architecture Workflow
Background
Sec section analyzers should include metadata on the outcomes of scans in order to inform report ingestion. See parent issue for further discussion.
This data can be used to direct the processing of reports for more efficient vulnerability management.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Merge request reports
Activity
assigned to @theoretick
Suggested Reviewers (beta)
The individuals below may be good candidates to participate in the review based on various factors.
You can use slash commands in comments to quickly assign
/assign_reviewer @user1.Suggested Reviewers @ayufan,@mbobin,@andrewn,@ekigbo,@jreporterIf you do not believe these suggestions are useful, please apply the label Bad Suggested Reviewer. You can also provide feedback for this feature on this issue:
https://gitlab.com/gitlab-org/gitlab/-/issues/357923.Automatically generated by Suggested Reviewers Bot - an experimental ML-based recommendation engine created by ~"group::applied ml".
- A deleted user
added documentation label
2 Warnings 
8bdbff43: The commit subject and body must be separated by a blank line. For more information, take a look at our Commit message guidelines. This merge request does not refer to an existing milestone. 1 Message 
This merge request adds or changes documentation files. A review from the Technical Writing team before you merge is recommended. Reviews can happen after you merge. Documentation review
The following files require a review from a technical writer:
doc/architecture/blueprints/sec_analyzer_automated_flows/index.md
The review does not need to block merging this merge request. See the:
-
Metadata for the
*.mdfiles that you've changed. The first few lines of each*.mdfile identify the stage and group most closely associated with your docs change. - The Technical Writer assigned for that stage and group.
- Documentation workflows for information on when to assign a merge request for review.
If needed, you can retry the
danger-reviewjob that generated this comment.Generated by
Edited by Ghost User
Resolved by 🤖 GitLab Bot 🤖
- typebug: Defects in shipped code and fixes for those defects. This includes all the bug types (availability, performance, security vulnerability, mobile, etc.)
- typefeature: Effort to deliver new features, feature changes & improvements. This includes all changes as part of new product requirements like application limits.
- typemaintenance: Up-keeping efforts & catch-up corrective improvements that are not Features nor Bugs. This includes restructuring for long-term maintainability, stability, reducing technical debt, improving the contributor experience, or upgrading dependencies.
See the handbook for more guidance on classifying.
This message was created with automation and Engineering Productivity is looking for feedback in this issue:
https://gitlab.com/gitlab-org/quality/engineering-productivity/team/-/issues/43
mentioned in issue #368284 (closed)
marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed
marked the checklist item I have evaluated the MR acceptance checklist for this MR. as incomplete
marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed
mentioned in issue #369111
added 1 commit
- 74b0023f - Clarify multiple levels of report enrichment
