Open ndouglas opened 1 year ago
Hey team! Please add your planning poker estimate with Zenhub @edmund-dunn @olivereri @teeshe @ariperez @JunTaoLuo
I know the idea wasn't to literally use this rubric but it seemed like an easy way to give my thinking behind the score:
Clarity: Clear as a bell Approach: If we encounter issues or technical roadblocks early on how long should we work to overcome them? Dependencies: None Complexity: Basic knowledge about how Jenkins parameters work in our build and deploy jobs. Maybe creating Github Actions to build AMIs if Platform doesn't already have one running on a schedule. Risks: None Wait-Time vs. Work Time: Will require very little involvement from the Platform team.
@maortiz-27-80 @BerniXiongA6 I have spoken with out Security expert and this does need to be prioritized as soon as possible, especially within the next sprint. @olivereri has more context to share for anyone that picks up this discovery ticket.
@maortiz-27-80 @BerniXiongA6 @olivereri, after consulting with @little-oddball, the hardened instances are not quite ready after all. Let's just make sure to have our portion of the discovery refined for when that work is completed. I will continue to be in contact with Clint and others on Platform so that we can all be in sync. They are hoping the instances are ready by the end of the year.
This ticket has more in-depth info about what's upcoming and links to the related platform work for those interesting in learning more.
@maortiz-27-80 @ndouglas - just heard from Clint on Platform. They will be finishing up their piece of the work in the next sprint and we are free to begin after that. This takes us into right after the new year.
Some additional context: Our target for hardening is ~95%. We are currently at 90.5% so we should try to be above as to not pull down the overall score.
@EWashb to follow up with Clint. cc: @maortiz-27-80
@michelle-dooley this will require very close collaboration with our other Platform DevOps teams..
@michelle-dooley - we should work to carve a little time to have your DevOps folk interact w/ some of the folks on Platform related to this item. Just let me know and I can help bridge that.
Hey @little-oddball - that sounds great!! Tyle Bird (not in GH yet) is our DevOps Engineer that started last week. And we have another one Hassan Tariq starting Monday. Should we wait until Monday when they are both here? If not I can hook you up with Tyler this week. Just let me know what you think is best...
@michelle-dooley - that sounds great, just hit me up when they get settled in. End of next week or something like that.
@edmund-dunn
3/7/2024 update: per @little-oddball guidance, @EWashb has decided to deprioritize this work until the platform team is ready to support. This will likely happen in a few months (~summer 2024).
Description
Platform has a new hardened AL2 image and is switching from an Ansible-based build system to Packer. We should make an effort to conform 🙂
Note from Erika: Our target for hardening is ~95%. We are currently at 90.5% so we should try to be above as to not pull down the overall score.
We should do discovery on this to determine how much work it'll take (if any) to transition to the new image and make a plan for a complete transition. This should not be a massive lift, but should improve our standing within the system.
https://github.com/department-of-veterans-affairs/vsp-platform-infrastructure/tree/main/packer/al2-hardened
Reference List
Acceptance Criteria