Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure Repo Settings #1289

Closed
18 tasks done
r-bartlett-gsa opened this issue May 3, 2024 · 2 comments
Closed
18 tasks done

Configure Repo Settings #1289

r-bartlett-gsa opened this issue May 3, 2024 · 2 comments
Assignees
@kkrug
Milestone
Sprint 07/02/24

Comments

@r-bartlett-gsa
Copy link
Member

r-bartlett-gsa commented May 3, 2024
edited
Loading

As a Challenge.gov repo administrator and developer, in order to improve the safety of the code, ease of administration and work efficiency, I would like to update the settings on the Challenge_gov and challenges-and-prizes repositories.

Acceptance criteria:

  • Create issue templates (bug, user stories and DOD)
  • Create PR templates
  • Configure automation for both challenge.gov repos:
    • Configure automations for dependabot alerts or PRs
    • Enable and configure appropriate security testing automations, alerts and reporting (see TTS Handbook Security Section)
      • Per GSA org requirements: "Conduct static code analysis with a scanning tool (if available). SonarQube is approved as a standard. "
    • Configure workflow automations for teams-based review/approval
    • Configure requirements for code reviews/approvals to allow merging
    • Configure stale branch cleanup
  • GH integration with Slack channel for work updates
  • Create user teams with permissions for specific workflows
    • Ensure the team's accounts are setup correctly per TTS handbook
  • Update devconfig/readme files to accurately represent current system architecture and dependencies
  • Create / update documentation on branch titles for both repos
    • Standardize dev / staging / main branch setup and titles for both repos
  • Implement processes for ensuring appropriate handling of sensitive information in issues and code, see Protecting TTS Systems
  • Setup/plan for (create backlog items) any other items identified as part of Technical Discovery
  • Update Configuration Management Plan accordingly, see Configuration Management Plan Updates #1316
@r-bartlett-gsa r-bartlett-gsa added this to the Sprint 05/21/24 milestone May 10, 2024
@r-bartlett-gsa
Copy link
Member Author

@kkrug Can we please make one additional change to the PR template: If applicable, GH issues are assigned to the PR, under Development section on the right hand side.

@r-bartlett-gsa
Copy link
Member Author

@kkrug / @jdonis In regards to automated testing, there are a few open PRs for Snyk security upgrades from May. Do we need to do anything about those? https://github.com/GSA/Challenge_gov/pulls

This was referenced Jun 28, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkrug kkrug

Labels
None yet
Projects
None yet
Milestone
Sprint 07/02/24
Development

No branches or pull requests
2 participants
@kkrug @r-bartlett-gsa