Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated Coalition AppSec Security Workflow (RUN-001) #1

Closed
wants to merge 1 commit into from
Closed

Updated Coalition AppSec Security Workflow (RUN-001) #1

wants to merge 1 commit into from

Conversation

anthturner
Copy link

This PR adds support for a centralized security workflow which runs on changes to master, main, and/or dev. This helps to track this repository’s security posture, and integrates into Coalition’s centralized security dashboard.

This workflow will run in parallel to any builds and will not block releases or development, even if an error occurs.

This workflow centralizes the execution of CodeQL to minimize future impact to engineering teams when keeping rules up to date.

The AppSec team will be responsible for maintaining this workflow if there are any security issues in the future. If there are questions, please reach out to the team in our Slack channel, #help-appsec.

More information can be found in Confluence at https://fiasco.atlassian.net/wiki/spaces/ENG/pages/2876080164/Static+Analysis+Tooling+Integration

@anthturner
Copy link
Author

Closing since this repo is public; can reopen later if necessary.

@anthturner anthturner closed this Apr 7, 2022
@fbexiga fbexiga deleted the anthturner/codeql-update branch April 8, 2022 16:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@anthturner