Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Budget: purchase PagerDuty license for security@kubernetes.io #72

Closed
philips opened this issue Sep 21, 2018 · 20 comments

Comments

Projects
6 participants
@philips
Copy link
Contributor

commented Sep 21, 2018

The PST wants to automate the rotation of people who handle the security@kubernetes.io reports.

We set out to have a goal of weekly rotations but without tooling and automation it isn't working well.

So, we are seeking a $540 budget for a yearly PagerDuty license. That is $9 * 12mo * 5 people.

We will start work on the tooling next week and will have a 14 day trial or something.

@cblecker

This comment has been minimized.

Copy link
Member

commented Sep 21, 2018

I'd be interested in hearing how this goes for you. We will have similar need at some point in the future to do this for the infra on-call

cc: @kubernetes/k8s-infra-team

@BenTheElder

This comment has been minimized.

Copy link
Member

commented Sep 21, 2018

Yes please, we'll definitely want something like this for infra on-call.

So, we are seeking a $540 budget for a yearly PagerDuty license. That is $912mo5 people.

I can't quite parse that second sentence here, is that a formatting error?

@justaugustus

This comment has been minimized.

Copy link
Member

commented Sep 21, 2018

@caniszczyk

This comment has been minimized.

Copy link

commented Sep 21, 2018

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Sep 21, 2018

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Sep 21, 2018

@cblecker @BenTheElder any opinion on PagerDuty vs. OpsGenie. I am apathetic and have used both. They are workable and quirky in their own ways.

@caniszczyk

This comment has been minimized.

Copy link

commented Sep 21, 2018

@cblecker

This comment has been minimized.

Copy link
Member

commented Sep 21, 2018

Have used PD previously, and had no issues with it. I like the API.

Have not used or looked into OpsGenie, so I don't have an opinion on it.

@BenTheElder

This comment has been minimized.

Copy link
Member

commented Sep 21, 2018

I've no experience with either and have no opinion other than having an actual community paging rotation set up sounds excellent and I'd love to hear how that goes so we can look at setting it up for the CNCF-kubernetes-infra.
Currently GKE-Kubernetes-EngProd uses Google's internal tooling for test-infra pages instead and we need a migration path.

@caniszczyk

This comment has been minimized.

Copy link

commented Sep 26, 2018

Can you send me the emails of folks that should be admins for OpsGenie?

Happy to get this done by EOW.

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Sep 26, 2018

@caniszczyk

This comment has been minimized.

Copy link

commented Sep 26, 2018

@philips that's the plan, but waiting for LF IT to confirm that it will be splintered off the LF instance, give me a day or two

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Sep 26, 2018

@caniszczyk

This comment has been minimized.

Copy link

commented Sep 26, 2018

@philips, I invited you as an admin and created a "Kubernetes Security" team

It's going to take a bit of time to get the paperwork done to get under the LF plan, they are a bit slower than normal due to the Atlassian acquisition but you should have the freedom to set everything up now and I'll take care of payment and all that jazz when ready.

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Sep 27, 2018

@caniszczyk I need the account activated to use the advanced alerting features

@caniszczyk

This comment has been minimized.

Copy link

commented Sep 27, 2018

@philips account should be fully activated now with the enterprise features, I logged in and looks good

@jdumars jdumars added this to Backlog in Steering Sep 28, 2018

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Oct 1, 2018

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Oct 5, 2018

I wrote the tool I need against the API. Everything is fine with Ops Genie solution for now. Thanks!

Tool: https://github.com/philips/oncall-issue-filer

/close

@k8s-ci-robot

This comment has been minimized.

Copy link
Contributor

commented Oct 5, 2018

@philips: Closing this issue.

In response to this:

I wrote the tool I need against the API. Everything is fine with Ops Genie solution for now. Thanks!

Tool: https://github.com/philips/oncall-issue-filer

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Steering automation moved this from Backlog to Done Oct 5, 2018

@philips philips referenced this issue Oct 5, 2018

Closed

Automate Security Team On-Call Rotation #327

5 of 5 tasks complete
@caniszczyk

This comment has been minimized.

Copy link

commented Oct 5, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.