Blocking Issues with No Workaround
| Jira Legacy |
|---|
| server | System Jira |
|---|
| columns | key,summary,created,updated,assignee,reporter,priority,status,labels |
|---|
| maximumIssues | 50 |
|---|
| jqlQuery | status != Closed AND (project = Test OR labels = Integration) AND issuetype = Bug AND affectedVersion = "frankfurt Release" AND priority = Highest ORDER BY priority DESC, updated DESC |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
|
Integration High Priority Issues
| Jira Legacy |
|---|
| server | System Jira |
|---|
| columns | key,summary,created,updated,assignee,reporter,priority,status,labels |
|---|
| maximumIssues | 50 |
|---|
| jqlQuery | status != Closed AND status != Done AND (project = Test OR labels = Integration AND labels != healthcheck) AND issuetype = Bug AND fixVersion = "Frankfurt Release" AND priority = High ORDER BY key, priority DESC, updated DESC |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
|
HTTP/HTTPS security follow-up
| Jira Legacy |
|---|
| server | System Jira |
|---|
| columns | key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution |
|---|
| maximumIssues | 20 |
|---|
| jqlQuery | labels in (integration) and labels in (security) AND labels in (HTTPS) AND fixVersion = "Frankfurt Release" |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
|
Note security scans are tested on evey gating and on Master Daily (a dashboard to master daily has to be done and referenced) to view if the fixes have been integrated in OOM Master.
The results can be found in the file http_public_endpoints.log
A white list must be implemented to exclude some pods (robot, sniro, aaf)
Rooted pods security follow-up
| Jira Legacy |
|---|
| server | System Jira |
|---|
| columns | key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution |
|---|
| maximumIssues | 20 |
|---|
| jqlQuery | labels in (integration) and labels in (security) AND labels in (root) AND fixVersion = "Frankfurt Release" |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
|
results can be found in gating and daily master in root_pods.log
For Frankfurt the focus must be done on our dockers
Upstream docker can be excluded.
Please note that the test check that the default user is not root. In some case the user exists but the main process is not launched as root (REQ-215 is fine even if it is usually simplifier to delete the root user..)