Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
GitLab / Compliance Group - Meetings / 20 Jun 2023
GitLab / Compliance Group - Meetings / 20 Jun 2023
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: Compliance final planning 16.2 - 2023-06-20

Description

https://gitlab.com/gitlab-org/govern/compliance/general/-/issues/115

A

All right all right, everyone- uh this is the final planning for compliance for 16-2 and I'll share my screen and we'll start to go over uh the priority list, and then the plan for this milestone.

A

Okay, uh so yeah we've got 62 here.

A

uh The priority list hasn't changed much from 16-1 a couple of things dropped off, but uh as they were finished, um the top priority is still just finishing out the instance level streaming. Audit events and I know that we have the API out there. So there's just a few things left to finish off there.

A

um Continuing to plan continuing to plan for the compliance adherence report to start um start work on that.

A

uh The audit events performance limits, there's still a couple of things that are in here and uh there's one that's scheduled for 16-2 and then uh streaming or event filtering in the UI versus stream data. That's that's! uh That's the last on the product priority list, um but you know, as always everything that's that we're doing is definitely uh a priority and a huge uh benefit for our customers.

A

So, let's see Nate did you want to go through the uh plan here? It's.

B

A cool thing yeah, so the first two items at the top of the plan are the adherence reports, the API and the UI. So we've finalized uh the implementation plans for both sets and are now into the work itself. So the goal for 16-2 is to complete the basic structures behind both the front end and the back end and Implement one check, which will be a great first, um so we've hopefully, will have something to look at in the end of 16 too.

B

uh The next one is the instance.

A

Level.

B

Stream of order events, as mentioned the API, has been released, but we want to release the UI and also the add the filtering that we have at the group level for streaming audit events, so that will finish up that instance level streaming order events yeah uh the next priority is the streaming order, needs filtering, so we're improving the filtering by using the all the audit event types that we have in there.

B

This is listing them out so that you can easily select which ones um you want to filter the order of the stream in order to be Inspire um grouping them search and a bunch of other great additions there.

B

The next one here is the blocking merge, requests, there's a couple of final tidy up tasks that we want to complete, which is adding timeout to that. The audit events performance limit, as mentioned we've done the planning and the schema already. The next step is getting a list of all the current queries that we use in the product and then trying to replicate those in our test environment and looking at our.

B

Migration strategy is going to look like and starting to push that, uh following up from that, we've got the monitoring, so we have added in all of them known audit event type schemas that we know of so we've added a login to catch. Any of that we've missed, and we want to complete this in 16 to add any that we've missed close it out, and then we can start forcing some more strict measures across that uh the next one is the the violations dashboard. So there's.

A

The.

B

Export feature that we want to release. This is exporting as well as exporter and including the filtering and um some changes around the uh combining the exports of all of our reports into one place, which will be great from a UI perspective.

B

uh The next one on the list, yeah, is the replace the drop down selection for default branches. uh This was something that we've started last Milestone and we just want to continue on um we're halfway through it. So hopefully we can complete that in 16 3.

B

and the final one to talk about is the streaming audit events to Google Cloud logging. So all of the apis have been released for this and we want to actually release the UI work. So I need to update that goal for this Milestone uh we're looking at actually releasing all that which would be a great way for our customers to stream directly to a third-party system.

B

Yeah.

A

Yeah definitely um and I did just want to say uh you know if you notice this one.

A

That's that's marked out um we're working with the create group, uh as well as security policies or create uh stage, as well as the security policies group, uh because the group level settings for merger requests, approval rules, kind of goes across multiple groups, and we wanted to make sure that we were aligned on the direction for this before we get started on it and start to implement anything so I'm having discussions right now uh to figure out exactly what we're going to do here and how it's going to be integrated with the Mr approval policies that the security uh policies group is going to be working on.

A

So that's why this was here, but we decided to hold off uh while we are finishing those conversations.

A

All right, I think that that's probably it.

A

Oh well, thank you very, very much and I'll go ahead and stop the recording. Thank you.