leogr
commented
1 year ago /assign @incertum
Closed incertum closed 1 year ago
leogr
commented
1 year ago /assign @incertum
incertum
commented
1 year ago
This issue will serve as a tracker for the implementation of the initial "Rules Maturity Framework" for Falco 0.36, as outlined in the proposal found at https://github.com/falcosecurity/rules/blob/main/proposals/20230605-rules-adoption-management-maturity-framework.md.
The proposed approach involves iterative tagging to make the process less complex, more structured, and auditable. While it may initially appear redundant and involve some back and forth in some cases, I believe it will allow us to be more deliberate in discussing and determining the appropriate level for each rule.
Categorizing the maturity of each rule:
Phase 1:
maturity_sandbox, without any exceptions.Phase 2:
maturity_sandboxand consider transitioning some tomaturity_incubating, with a maximum of 5 rules per PR to enable focused discussions.maturity_stablethat have already been established and proven useful in production settings. Each PR should focus on a maximum of 5 rules to facilitate discussions. All these rules must be enabled by default and contain a useful description, tuning guidance, and reflect best rule-writing practices. Refer to https://github.com/falcosecurity/rules/blob/main/proposals/20230605-rules-adoption-management-maturity-framework.md#rules-maturity-framework and https://github.com/falcosecurity/rules/blob/main/proposals/20230605-rules-adoption-management-maturity-framework.md#define-rule-contribution-process for more details.Phase 3:
maturity_sandboxormaturity_incubating.Tagging rules with compliance-related tags: