[BUILD-600] Slack bot to bug #pd as long as open security issues are unassigned / reaching due date Created: 06/Dec/21  Updated: 05/Aug/22  Resolved: 05/Aug/22

Status: Closed
Project: Build
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Neutral
Reporter: Maxime Michel Assignee: Maxime Michel
Resolution: Done Votes: 0
Labels: artt
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
dependency
depends upon BUILD-584 Integrate with Slack Closed
relation
is related to BUILD-660 Provide an easy-to-read breakdown of ... Selected
is related to BUILD-845 Quality initiative Selected
Template:
Acceptance criteria:
Empty
Task DoR:
Empty

 Description   

Assuming that we start to define a ‘due date’ on new security issues (on top of the ‘private’ security level), we could create a job that would report in #pd every day which tickets are getting close to the deadline, and what their status is (is there an assignee, is the ticket in progress).

We could time that message such that it would be just in time for SoS, so that attendees would act on it.

An exemple of ticket that should show up is MGNLVA-20.

Discovery notes

The bot would simply need to forward to Slack the output of a Jira filter such as the following: https://jira.magnolia-cms.com/issues/?jql=status%20NOT%20IN%20(%27Closed%27%2C%20%27Resolved%27)%20AND%20level%20%3D%20Private%20AND%20type%20!%3D%20Sub-task%20AND%20labels%20%3D%20security%20AND%20assignee%20is%20EMPTY%20AND%20created%20%3E%20startOfDay(-90)%20AND%20project%20NOT%20IN%20(%27ONDEMAND%27%2C%20%27SRE%27)

That being said, there's many tickets in there that we don't want to share to #pd every single day. Should we maintain a blacklist so that only recent & untackled security issues show up?


Generated at Sun Feb 11 23:43:23 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.