Set up security update checks in CI #296

fyliu opened this issue Jun 6, 2024 · 2 comments
Labels
complexity: missing Feature: Infrastructure For changes on site technical architecture ready for product role: devops role: product s: PD team stakeholder: People Depot Team size: 2pt Can be done in 7-12 hours

fyliu commented Jun 6, 2024

Overview

We need to set up something like PyUp once we're deployed so that we're up-to-date for security updates.

Details

PyUP is a tool that updates all your project's Python dependency files through Pull Requests on GitHub/GitLab. Its repo is currently inactive and the project was converted to a product called Safety. This issue will explore alternatives including but not limited to:

  • set up Dependabot to do the same
  • set up a GHA to run pip-tools to do the updates (just update, no information on whether anything is vulnerable).

Action Items

  • research alternatives and document in comments below
  • Summarize a recommendation in a comment
  • Review and get sign-off from
    • Lead dev
    • Product Lead
  • Deploy solution
    • If the solution involves deploying via GitHub actions
      • document in the GitHub actions page

Resources/Instructions
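As an added example (not from this issue or the project), the second alternative above as a GitHub Actions workflow: pip-tools does the upgrade, and pip-audit is added so the resulting PR also says whether any pinned package has a known vulnerability. The file names `requirements.in`/`requirements.txt`, the branch name and the weekly schedule are assumptions.

```yaml
# .github/workflows/dependency-updates.yml (example, assumed layout)
name: Dependency security update

on:
  schedule:
    - cron: "0 6 * * 1"   # Mondays 06:00 UTC; adjust to taste
  workflow_dispatch:        # allow a manual run as well

permissions:
  contents: write           # push the update branch
  pull-requests: write      # open the PR

jobs:
  update-and-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"

      - name: Install pip-tools and pip-audit
        run: python -m pip install --upgrade pip pip-tools pip-audit

      - name: Upgrade pinned requirements
        # Assumed names: requirements.in holds the loose constraints,
        # requirements.txt is the fully pinned output committed to the repo.
        run: pip-compile --upgrade --output-file requirements.txt requirements.in

      - name: Audit the new pins for known vulnerabilities
        id: audit
        # pip-audit exits non-zero when an advisory matches a pin; keep going
        # so the PR is still opened, but surface the outcome in its body.
        continue-on-error: true
        run: pip-audit -r requirements.txt

      - name: Open a pull request with the updated pins
        uses: peter-evans/create-pull-request@v6
        with:
          branch: ci/dependency-updates
          commit-message: "Upgrade pinned Python dependencies"
          title: "Upgrade pinned Python dependencies"
          body: |
            Automated `pip-compile --upgrade` run.
            pip-audit result: ${{ steps.audit.outcome }} (see the job log for details)
```

If the audit step reports `failure`, the PR body flags it and the job log lists the affected packages, which is the information the plain pip-tools update lacks.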

@fyliu fyliu added size: 1pt Can be done in 4-6 hours Feature: Infrastructure For changes on site technical architecture s: PD team stakeholder: People Depot Team role: devops ready for product labels Jun 6, 2024
@fyliu fyliu added this to the 2 - Security milestone Jun 6, 2024
@fyliu fyliu added size: 2pt Can be done in 7-12 hours and removed size: 1pt Can be done in 4-6 hours labels Jun 6, 2024
@fyliu fyliu changed the title from "Set up pyup for security updates" to "Set up security update checks in ci" Jun 16, 2024
@ExperimentsInHonesty ExperimentsInHonesty changed the title from "Set up security update checks in ci" to "Set up security update checks in CI" Jun 24, 2024
ExperimentsInHonesty commented

@fyliu I rewrote the issue a little bit. Please review and if you are good with the way it is now, please add the ready for product label back on.

Projects
Status: New Issue Review
Development

No branches or pull requests

2 participants