cncf / tag-security

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

Jaeger Project Security Self-Assessment - Security Pals #1198

Closed cp-57 closed 5 months ago

cp-57 commented 6 months ago

Jaeger Tracing Project Self-Assessment

Jia Lin Weng, Cristian Panaro, Sameer Gori, Sarah Moughal

netlify[bot] commented 6 months ago

Deploy Preview for tag-security canceled.

Latest commit: e9f6a028bd5b71d3f5f2bd90825c9e2b0f587f72
Latest deploy log: https://app.netlify.com/sites/tag-security/deploys/65a8037bda95d20008237a43

eddie-knight commented 6 months ago

Hi! I'm just starting to take a look at this, and the first thing I noticed is that a "backup" file was committed which was most likely intended for local development only.

cp-57 commented 6 months ago

> Thanks for the PR @cp-57 and team, appreciate the efforts. I have completed a first pass of review and left several comments on sections that need your attention. Please feel free to reach out here or on Slack for any questions and clarifications.
>
> Along with addressing the comments, kindly update the PR branch with the latest content in the repo as this branch is out-of-date with the base branch.

Thank you very much for the help @ragashreeshekar. The team and I have gone over the document and made the suggested changes. Please let me know if there is anything else that may need another look.

cp-57 commented 6 months ago

> Hi! I'm just starting to take a look at this, and the first thing I noticed is that a "backup" file was committed which was most likely intended for local development only.

Thank you for the help @eddie-knight. I have removed the backup file.

eddie-knight commented 6 months ago

@cp-57 Were you also able to include feedback you received from the Jaeger maintainers?

cp-57 commented 6 months ago

> @cp-57 Were you also able to include feedback you received from the Jaeger maintainers?

Hi Eddie, we had a couple suggestions/edits from the maintainers that we have incorporated.

cp-57 commented 6 months ago

Thank you @jkowall. I've added the suggested edits. Please let me know if there is anything else that needs some attention.

jkowall commented 5 months ago

> Thank you @jkowall. I've added the suggested edits. Please let me know if there is anything else that needs some attention.

Sorry missed this one, but it looks good. We should merge it and then I can either copy it to our repo or you can open a PR.

jkowall commented 5 months ago

Sorry to ask, do you want us to create the PR or does the author want to do that? Thanks, @JustinCappos.

eddie-knight commented 5 months ago

Hey Jonah! Justin asked me to take over from here, so I'll connect with you via Slack regarding the next steps to get everything harmonized.