Add rudimentary docs for compliance check pipeline #272
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Matthias Büchse <[email protected]>
Signed-off-by: Matthias Büchse <[email protected]>
Signed-off-by: Matthias Büchse <[email protected]>
mbuechse
commented
Nov 8, 2024
| + - ENCRYPTED_SECRET | ||
| ``` | ||
|
|
||
| Note that you have to use the same keys as in Step 3 (that is, with special characters replaced). |
There was a problem hiding this comment.
Suggested change
| Note that you have to use the same keys as in Step 3 (that is, with special characters replaced). | |
| Note that you have to use the same keys as in Step 1 (that is, with special characters replaced). |
mbuechse
commented
Nov 8, 2024
|
|
||
| 3. Add your subject to the results table. This is necessary so your subject shows up in the | ||
| [compliance monitor web-site](https://compliance.sovereignit.cloud/page/table). Add the following lines | ||
| (substituting all-caps parts): |
There was a problem hiding this comment.
Suggested change
| (substituting all-caps parts): | |
| (substituting all-caps parts except HM): |
mbuechse
commented
Nov 8, 2024
| virtualenv .venv | ||
| . .venv/bin/activate | ||
| pip install -r requirements.txt | ||
| pip install passlib argon2_cffi # these are only needed for step 2 |
There was a problem hiding this comment.
Suggested change
| pip install passlib argon2_cffi # these are only needed for step 2 | |
| pip install passlib argon2_cffi # these are only needed for Step 2 |
garloff
reviewed
Nov 8, 2024
|
|
||
| ```shell | ||
| git commit -asm "Add SUBJECT_NAME" | ||
| git push # the output of this command will show you the URL for creating the pull request |
There was a problem hiding this comment.
This will only work if you are part of the github SCS Organization. Ask the SCS team (or other members) to add you.
Otherwise you will need to create a fork in your own github project and create a PR for the SCS team to merge from there.
| continuous-integration pipeline, you may want to use some dedicated credential store and mechanism for | ||
| injecting secrets. You may want to take inspiration from our own Zuul setup by looking at | ||
| [.zuul.d](https://github.com/SovereignCloudStack/standards/tree/main/.zuul.d) and | ||
| [playbooks](https://github.com/SovereignCloudStack/standards/tree/main/playbooks). |
There was a problem hiding this comment.
Do we want to mention that other job schedulers like Jenkins or even cron jobs can be used as well. This avoids scaring people that are overwhelmed by the capabilities that zuul offers.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.