[BUILD-600] Slack bot to bug #pd as long as open security issues are unassigned / reaching due date Created: 06/Dec/21 Updated: 05/Aug/22 Resolved: 05/Aug/22 |
|
| Status: | Closed |
| Project: | Build |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Neutral |
| Reporter: | Maxime Michel | Assignee: | Maxime Michel |
| Resolution: | Done | Votes: | 0 |
| Labels: | artt | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Template: |
|
||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||
| Task DoR: |
Empty
|
||||||||||||||||||||
| Description |
|
Assuming that we start to define a ‘due date’ on new security issues (on top of the ‘private’ security level), we could create a job that would report in #pd every day which tickets are getting close to the deadline, and what their status is (is there an assignee, is the ticket in progress). We could time that message such that it would be just in time for SoS, so that attendees would act on it. An exemple of ticket that should show up is MGNLVA-20. Discovery notesThe bot would simply need to forward to Slack the output of a Jira filter such as the following: https://jira.magnolia-cms.com/issues/?jql=status%20NOT%20IN%20(%27Closed%27%2C%20%27Resolved%27)%20AND%20level%20%3D%20Private%20AND%20type%20!%3D%20Sub-task%20AND%20labels%20%3D%20security%20AND%20assignee%20is%20EMPTY%20AND%20created%20%3E%20startOfDay(-90)%20AND%20project%20NOT%20IN%20(%27ONDEMAND%27%2C%20%27SRE%27) That being said, there's many tickets in there that we don't want to share to #pd every single day. Should we maintain a blacklist so that only recent & untackled security issues show up? |