Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Controls Action Documentation #8

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Security Controls Action Documentation #8

wants to merge 8 commits into from

Conversation

ammentorp
Copy link
Collaborator

@ammentorp ammentorp commented Dec 16, 2024
edited
Loading

https://contrast.atlassian.net/browse/PROD-2372

Changes

Documenting new Observe action: security-control. The following attributes were discussed with Brian Sowers.

  • security.control.method: Required
  • security.control.name: Optional
  • security.control.rules: Recommended
  • security.control.type: Optional

Note: if the PR is touching an area that is not listed in the
existing areas,
or the area does not have sufficient
domain experts coverage,
the PR might be tagged as experts needed
and move slowly until experts are identified.

Merge requirement checklist

@ammentorp ammentorp marked this pull request as ready for review December 17, 2024 17:03
@ammentorp ammentorp requested a review from seschis as a code owner December 17, 2024 17:03
seschis
seschis reviewed Jan 29, 2025
View reviewed changes
model/metrics/contrast-actions.yaml
@@ -49,6 +49,9 @@ groups:
- id: ognl-execution
value: "ognl-execution"
brief: "Object-Graph Navigation Language expression execution."
- id: security-control
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in my first attempt at creating custom attributes on top of otel standards I made a mistake. I should have namespaced the custom attributes by prefixing them all with contrast- or contrast.. It would be weird to do that now so we can probably continue without the namespace for this changeset and I'll just have to fix it later with a new standard convention release at some point in the future.

seschis
seschis approved these changes Jan 29, 2025
View reviewed changes
Copy link
Collaborator

@seschis seschis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the change looks ok to me. Let me know if you need help with getting the pipeline passing before merging this to main.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@seschis seschis seschis approved these changes

Assignees

@seschis seschis

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ammentorp @seschis