2020-10-12 - Triage report for "group::compliance"
Hi, @mattgonzales @djensen @dennis @aregnery @mikelong
This is a group or stage level triage report that aims to summarize the feature proposals and bugs which have not been scheduled or triaged. For more information please refer to the handbook:
Scheduling the workload is a collaborative effort by the Product Managers and Engineering Managers for that group. Please work together to provide a best estimate on priority and milestone assignments. For each issue please:
- Determine if the issue should be closed if it is no longer relevant or a duplicate.
- If it is still relevant please assign either a best estimate versioned milestone, the %Backlog or the %Awaiting further demand milestone.
- Specifically for ~bug, if there is no priority or clarity on a versioned milestone, please add a Priority label. Priority labels have an estimate SLO attached to them and help team members and the wider community understand roughly when it will be considered to be scheduled.
- Once a milestone has been assigned please check off the box for that issue.
- Please work with your team to complete the list by the due date set.
Feature Proposal Section
For the following feature proposals. Please either close or assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone.
customer
Unscheduled ~feature with- gitlab-org/gitlab#239349 (closed) Instance-level MR approval settings are blocking editing project approval rules Category:Compliance Management, Enterprise Edition, GitLab Premium, Next Up, backend, customer, devopsmanage, ~"feature", groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#238218 (closed) Chain of Custody Report - User feedback for iteration 2 ~"Category:Audit Reports", Enterprise Edition, GitLab Ultimate, backend, customer, devopsmanage, ~"enhancement", ~"feature", frontend, groupcompliance, sectiondev
- gitlab-org/gitlab#235616 (closed) Make the process of associating a Jira issue with a merge request more clear and reliable Category:Compliance Management, Enterprise Edition, GitLab Ultimate, Next Up, UX, atlassian, customer, devopsmanage, ~"feature", frontend, groupcompliance, priority1, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#234740 Add Secure Functionality to Auditor Role Secure UXCompliance & Auditing, customer, devopssecure, ~"feature", groupcompliance
- gitlab-org/gitlab#230932 (closed) Ability to modify user access level via users API customer, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#225352 Allow Access to Project Information via CI_JOB_TOKEN api, customer, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#207539 (closed) GitLab integration with Netskope Alliances, customer, ~"devops::defend", ~"feature", groupcompliance
- gitlab-org/gitlab#39139 Display project deletion in group audit event log Enterprise Edition, GitLab Starter, backend, customer, devopsmanage, ~"feature", groupcompliance, missed-deliverable, missed:12.9, priority2, sectiondev, severity4, workflowblocked
- gitlab-org/gitlab#26383 (closed) Transfering groups does not warn in the same way than transfering projects does ~"Category:Subgroups", customer, devopsmanage, ~"feature", frontend, groupcompliance, sectiondev, workflowdesign
- gitlab-org/gitlab#20603 (closed) Feature Request: Activity log should contain changes to project/group settings Manage [DEPRECATED], UX, backend, customer, devopsmanage, ~"feature", groupcompliance, priority4, sectiondev, security, severity4, user profile
Unscheduled ~feature (non-customer)
- gitlab-org/gitlab#263461 Add Trigger Tokens to Credential Inventory Category:Compliance Management, Enterprise Edition, GitLab Ultimate, Next Up, UX, devopsmanage, ~"feature", frontend, groupcompliance, priority3, sectiondev, workflowdesign
- gitlab-org/gitlab#263455 (closed) Add Scheduled Pipelines to Credential Inventory Category:Compliance Management, Enterprise Edition, GitLab Ultimate, Next Up, UX, devopsmanage, ~"feature", frontend, groupcompliance, priority3, sectiondev, workflowdesign
- gitlab-org/gitlab#263260 (closed) Add Lock/Unlock feature to specific approval rules in instance-level MR approval rules settings Category:Compliance Management, Next Up, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#263259 (closed) Add Allow/Disable override dropdown selection to instance-level MR approval rules Category:Compliance Management, Next Up, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#263258 (closed) Add inheritance dropdown selection to instance-level MR approval rules Category:Compliance Management, Next Up, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#263257 (closed) Add Approval rules to instance level Category:Compliance Management, Next Up, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#263256 (closed) Add Require user password to approve to instance level Category:Compliance Management, Next Up, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#263255 (closed) Add Remove all approvals in a merge request when new commits are pushed to its source branch to instance level Category:Compliance Management, Next Up, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#262728 Create API to query compliance labels on all projects in an instance Category:Compliance Management, backend, devopsmanage, ~"feature", groupcompliance, sectiondev, workflowproblem validation
- gitlab-org/gitlab#262677 (closed) Add changes to group-level IP access restrictions to audit events Category:Audit Events, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#262078 Pin the default branch to the top of the protected branches list devopsmanage, ~"feature", frontend, groupcompliance, repository, sectiondev, settings
- gitlab-org/gitlab#257890 (closed) Add 'Push events' sub-nav item under 'Audit Events' Category:Audit Events, UX, devopsmanage, ~"feature", frontend, groupcompliance, sectiondev, workflowproblem validation
- gitlab-org/gitlab#255340 (closed) Add ability to create/edit/assign compliance frameworks Category:Compliance Management, GitLab Ultimate, backend, devopsmanage, ~"feature", groupcompliance, priority1, sectiondev, workflowblocked
- gitlab-org/gitlab#254822 Add credential inventory widget to admin dashboard Category:Compliance Management, UX, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#254817 (closed) Provide a regular email digest for the Compliance Dashboard to group owners Category:Compliance Management, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#254655 (closed) Remove deprecated scss files for audit controls Category:Audit Events, devopsmanage, ~"feature", ~"feature::maintenance", frontend, groupcompliance, sectiondev
- gitlab-org/gitlab#254389 (closed) Add 'compliance pipeline configuration location' value to custom compliance framework labels Category:Compliance Management, Enterprise Edition, GitLab Ultimate, Next Up, UX, devopsmanage, ~"feature", groupcompliance, priority1, sectiondev, workflowsolution validation
- gitlab-org/gitlab#250663 (closed) Add audit event for downloading CI artifacts Category:Audit Events, backend, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#250480 (closed) Optional enforcement of SSH key expiration Category:Compliance Management, Enterprise Edition, GitLab Premium, backend, devopsmanage, ~"feature", featureaddition, groupcompliance, priority3, sectiondev, workflowscheduling
- gitlab-org/gitlab#249563 Remove usages of dropdown-menu-close from specs and QA tests Category:Code Testing and Coverage, Icon, backend, devopsverify, ~"feature", ~"feature::maintenance", frontend, groupcompliance, sectionops
- gitlab-org/gitlab#249243 Add additional audit event detail to user access report ~"Category:Audit Reports", Enterprise Edition, devopsmanage, ~"feature", groupcompliance, sectiondev
- gitlab-org/gitlab#247943 (closed) Add Lock/Unlock feature to specific approval rules in group-level MR approval rules settings Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247942 (closed) Add Allow/Disable override dropdown selection to group-level MR approval rules Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247941 (closed) Add Compliance framework(s) dropdown selection to group-level MR approval rules Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247921 (closed) Add inheritance dropdown selection to group-level MR approval rules Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247905 Add Approval rules to group level Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247904 (closed) Add Require user password to approve to group level Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247903 (closed) Add Prevent approval of merge requests by merge request committers to group level Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247901 (closed) Add Remove all approvals in a merge request when new commits are pushed to its source branch to group level Category:Compliance Management, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
- gitlab-org/gitlab#247900 (closed) Add Prevent approval of merge requests by merge request author to group level Category:Compliance Management, backend, database, devopsmanage, ~"feature", frontend, groupcompliance, priority2, sectiondev, workflowplanning breakdown
Unscheduled UX Debt Issues
- gitlab-org/gitlab#231382 (closed) Match Project Pending Removal Behavior to Groups UX debt, devopsmanage, groupcompliance, sectiondev, severity4
Bug Section
For the following bugs. Please either close or assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone and ensure that a priority label is set.
- Engineering Managers: Please add a severity label for those issues without one
- Product Designers: Please add a severity label to UX ~bug issues without one
Heatmap for all bugs
Bugs for their priority and severity label are counted here. Every bug should have severity and priority labels applied. Please take a look at the bugs which fall into the columns indicating that the priority or severity labels are currently missing.
severity1 | severity2 | severity3 | severity4 | No severity | |
---|---|---|---|---|---|
priority1 | 0 | 0 | 0 | 0 | 0 |
priority2 | 0 | 1 | 0 | 0 | 0 |
priority3 | 0 | 0 | 0 | 0 | 0 |
priority4 | 0 | 0 | 0 | 1 | 0 |
No priority | 0 | 0 | 10 | 3 | 0 |
frontend ~bug (non-customer)
Unscheduled- gitlab-org/gitlab#230454 (closed) Admin page tabs overflow and become unusable on small displays UX, ~"bug", devopsmanage, frontend, groupcompliance, sectiondev, severity4
customer
Unscheduled ~bug with- gitlab-org/gitlab#259159 (closed) Group Level Audit Logging shows incorrect IP address when SAML actions affect user permissions Category:Compliance Management, backend, ~"bug", customer, devopsmanage, groupcompliance, sectiondev, severity3
- gitlab-org/gitlab#254954 (closed) Pages access level change incorrectly named in Audit Events Category:Audit Events, ~"bug", customer, devopsmanage, groupcompliance, sectiondev, severity3, workflowscheduling
- gitlab-org/gitlab#213578 (confidential) ~"(confidential)"
Unscheduled ~bug (non-customer)
- gitlab-org/gitlab#262861 (closed) AccessDeniedError in Compliance Dashboard see causing gdk reconfigure failure backend, ~"bug", devopsmanage, groupcompliance, sectiondev, severity3, workflowplanning breakdown
- gitlab-org/gitlab#251151 (closed) Handle group deletion when access level of deleting user changes backend, ~"bug", devopsmanage, groupcompliance, sectiondev, severity3
- gitlab-org/gitlab#246618 (closed) HIPAA audit template logging activity for March 26, 2020 after creation UX, backend, ~"bug", devopsmanage, groupcompliance, priority4, sectiondev, severity4, workflowscheduling
- gitlab-org/gitlab#237843 (closed) typos when deleting a project repository ~"bug", devopsmanage, groupcompliance, sectiondev, severity4
- gitlab-org/gitlab#225550 (closed) Saving HTML/Ruby in AuditEvent details "custom_message" backend, ~"bug", devopsmanage, groupcompliance, sectiondev, severity4, workflowproblem validation
Heatmap for ~missed-SLO bugs
severity1 | severity2 | severity3 | severity4 | No severity | |
---|---|---|---|---|---|
priority1 | 0 | 0 | 0 | 0 | 0 |
priority2 | 0 | 1 | 0 | 0 | 0 |
priority3 | 0 | 0 | 0 | 0 | 0 |
priority4 | 0 | 0 | 0 | 0 | 0 |
No priority | 0 | 0 | 0 | 0 | 0 |
This is a group level triage report that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook:
If assignees or people mentioned in this individual triage report need to be amended, please edit group-definition.yml.