-
Notifications
You must be signed in to change notification settings - Fork 1.2k
[K9VULN-5345] Improve static sca setup documentation #29559
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[K9VULN-5345] Improve static sca setup documentation #29559
Conversation
78191ed
to
fdc7e8c
Compare
Preview links (active after the
|
This makes it seem like we don't support GitLab for our product. This request access is to be able to see Code Snippets and get MR comments FWIR. Why not put the supported language/package managers at the top? Afraid customers won't see this at all otherwise With the change above, we could remove the supported languages note. We could also probably shorten this whole section to be something like "Go to I'd make this This seems like it's better suited right under the "Run SCA scans in your CI Pipelines" heading? |
@piloulacdog have you reviewed the comments of @dastrong? Let me know if you are going to make more changes and then I will review and merge the PR. (DOCS editorial ticket is DOCS-11033) |
@dastrong for your feedbacks:
I think that I will likely need your help knowing exactly what it implies. I wasn't able to find a single org which had it enabled... so wasn't able to confirm that we offer...
That's because this list is only true if you scan using the Datadog/datadog-sbom-generator. It is not true if you use any other SBOM generator. The only true statement is the list of languages. But if you use the new
Tried a rewording:
✅ Updated! |
…ab in pipelines integration, rewrite getting started -
✅ Documentation Team ReviewThe documentation team has approved this pull request. Thank you for your contribution! |
Hi @michaelcretzman, I will ping us as soon as we agree on our final copy (by EoD) |
Love the changes (especially the Further Reading section). One thing to note with the changes to the linking services tab is that this content is on a couple different pages I believe (this this one), so maybe omit it in this PR or update all occurrences. Ping @kassenq for final review though |
@piloulacdog are you going to ping @kassenq for review as suggested by @dastrong or can I review and merge? |
Hi @michaelcretzman, I did ping @kassenq on Slack, I think she didn't get the chance to look at it just yet. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved with minor edits that don't impact tech content. I will make the edits and merge.
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
incorp Doc revisions
/merge |
View all feedbacks in Devflow UI.
This merge request is not mergeable yet, because of pending checks/missing approvals. It will be added to the queue as soon as checks pass and/or get approvals.
The expected merge time in
PR can't be merged according to github policy |
/merge |
View all feedbacks in Devflow UI.
The expected merge time in
|
What does this PR do? What is the motivation?
Some customers are facing issues with the SBOM upload process and have reported that the documentation provided is inadequate. They have requested escalation and the booking of an engineer to support them with this critical installation for an important customer.
We should fix the documentation so that they can better understand how to install static SCA.
Merge instructions
Merge readiness:
Preview
The preview can be found here