Uploaded image for project: 'Build'
  1. Build
  2. BUILD-600

Slack bot to bug #pd as long as open security issues are unassigned / reaching due date

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Neutral
    • None
    • None
    • None

    Description

      Assuming that we start to define a ‘due date’ on new security issues (on top of the ‘private’ security level), we could create a job that would report in #pd every day which tickets are getting close to the deadline, and what their status is (is there an assignee, is the ticket in progress).

      We could time that message such that it would be just in time for SoS, so that attendees would act on it.

      An exemple of ticket that should show up is MGNLVA-20.

      Discovery notes

      The bot would simply need to forward to Slack the output of a Jira filter such as the following: https://jira.magnolia-cms.com/issues/?jql=status%20NOT%20IN%20(%27Closed%27%2C%20%27Resolved%27)%20AND%20level%20%3D%20Private%20AND%20type%20!%3D%20Sub-task%20AND%20labels%20%3D%20security%20AND%20assignee%20is%20EMPTY%20AND%20created%20%3E%20startOfDay(-90)%20AND%20project%20NOT%20IN%20(%27ONDEMAND%27%2C%20%27SRE%27)

      That being said, there's many tickets in there that we don't want to share to #pd every single day. Should we maintain a blacklist so that only recent & untackled security issues show up?

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                mmichel Maxime Michel
                mmichel Maxime Michel
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Checklists

                    Task DoR