Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
GitLab / Govern: Security Policies / 14 Sep 2023
GitLab / Govern: Security Policies / 14 Sep 2023
Previous Meeting
Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: Govern: Security Policies How we are planning work for next milestone?

Description

This video is a quick walkthrough through the planning process for the Security Policies team.

It follows a few simple instructions available here:

0. All links to boards are available here: https://gitlab.com/alan#my-dashboards
1. Check the current milestone board to see if anything needs to be refined or started but has not yet started. If so, move them to the next milestone.
2. Check the priorities list, check Epics scheduled for the following two milestones, move all related work to the next milestone, and mark these issues as Deliverables. Also, verify if issues in these Epics are enough to complete the work described in the Epic.
3. Look at bugs for the team and see if there is anything with high priority that needs to be solved within the next milestone.
4. Now, look at the Planning board for the next milestone. Check for the team's capacity and calculate it for the next milestone; based on that, you can specify what you would like to achieve. And decide what we need to do and what can be postponed (Deliverable/Stretch)
5. Look at how many issues and weights you have in the current milestone. Decide if we should postpone something (note that we will be able to discuss this with the Product team),
6. Prioritize them in the Planning Board (Deliverables at the top, Stretch at the bottom).

A

Hello: everyone, my name, is Alan purseskin. Today, I would like to show you how we're doing um planning how we are preparing planning issues, what we are doing actually to plan work for next Milestone um I'm doing this to share it with the team, but also to encourage other team members to join me in this industry.

A

If you'd like to learn how to do that, I'm open for feedback for improvement, so I believe if you'll know more about what I'm doing when I'm doing planning um you'll be able to better understand what are my goals and so on. So every Milestone first security policies team we're preparing planning issue so, for example, I already prepared a draft issue for our next Milestone, um where I'm trying first to set narrative for uh for the next Milestone I'm.

A

Looking at things that would like to deliver looking for things that we delivered in the past and see um on what items. What um epics we should focus on in this Milestone then try to write down the narrative around that so I try to emphasize what's important for for me and for a product manager uh to release in in future Milestones.

A

Also in this one, and also what you'd like to improve as well, along with other priorities, so I try to specify epics things working on some spikes and then I have a list of items that I believe we should be able to release in given Milestone, um then we have some extra like metrics and other links. That might be important to take a look. So that's first thing so I told you about priorities, because this is where the whole whole thing is starting with priorities from product manager.

A

So we have a list of priorities that we're using uh with our pm to decide what items we'd like to deliver next, so we have a Target release that we treat as some kind of guideline for us. Okay, these are things that would like to get and given Milestone. That does not usually means that we will be able to release them fully in given Milestone, but at least it sets a timeline for us where we should focus on which one we could deliver human things.

A

So you have a list of priorities and based on that, we can start with planning. So what I'm doing to start planning first of all, I take a look at the current Milestone. So if you go to my readme page you'll see that you can go to current Milestone board and also the product practice list that that is mentioned here. Then I'm looking for things that are uh assigned to the current Milestone. So let's see what we have in open.

A

That means without any workflow label in open I leave things that related to either feature Flags or anything. That is not really related to engineering work like uh work performed by um test, Engineers work done by technical writers and other things that are not related to to the engineering team, work and I'm. Looking, if there's anything missing that we should actually move to the proper workflow label and there's Geeks and designs that we also keep in open but there's one item at items as prop.

A

um That is just a front-end issue that we should add somewhere. I already checked that before so I'll be moving it to um to verification, because I saw that all the Mars were already merged. Okay, there is nothing left here, so I can proceed to refinement since it's 14 of September September, so we do not probably have time to finish their finals on time. That is why I'm looking at refinements- if this is not something really small I'm, going to move it to the next Milestone, that means we were not able to deliver it.

A

Then this now is done. Let's focus on this one, the next Milestone, so what I'm doing is I'm just changing the Milestone of or uh for the for developed that I'm planning to release.

A

Okay and then I'm looking for things that are in ready for development, anything that is not small, anything that is, that will not be able to deliver very quickly I'm moving.

A

um Anything like variable, I'm I'm leaving here, because I I want to to make sure that um that there are still some items that team can can take without looking at the future uh board. So I'm moving this one, this one was stretch, I'll move it to 16.5, we'll see it will have capacity to do it. There is one item that is blocked, usually I'm checking. uh Why is it blocked and so on? What we can do with that for now, I'm gonna just move it to the next Milestone.

A

uh Then you have small follow-up, but it's rather small. It can stay here uh similar to to the schema. It also have a weight of one that probably can stay and is still deliverable, and we have one Spike that I'm gonna leave here as well as I'm planning to finish that, and it's literally related that we need to deliver that till 22nd. So till the till the release date. Okay, then I'm not checking anything in depth. That's not really something that that I'm checking. If something isn't there, I I believe that it can be finished.

A

If not, then it will be moved automatically by by our automations and we'll get automatically labeled. So it will also tell us that we're missing something from any Milestone and- and that also is the information for me- if there is something that we should handle like unblock someone or help or mitigate like their like different techniques, that we can do.

A

Okay, I believe in it as it is, and then I checked, current board I can refresh load the page just to see if there is nothing missing, but it looks like it's all good now, I can go and take a look at priorities list.

A

um Okay, these ones I know that we are uh so okay. We can open things that are currently in a purchase list just to ensure that we have it scheduled for next Milestones. Okay, so the first bot users were listed already. There's one last item missing, but it's already assigned to 16.5. Let's see another one branch exceptions we release it fully and I believe most of the issues are either moved to 16 dot, um the released in 6.4 and anything related to group.

A

We're already talking about that and discussing it and it's being moved to 16.6 as as we still are working on new designs and then we have prevent users from unprotecting and deleting we already have them assigned to either 16.4. If it's a small item or 16.5, so there's nothing else, it'll be something in backlog that needs to be finished. I will just take a look at a given issue and I'll just assign uh to the Milestone I'm planning it to release um okay, we checked this three.

A

um We can check another two or three um and let's see.

A

This is already planned for 16.5.

A

This is already plan for 16.5. We just move it and- and this one is still a spike that we're planning to do and it's assigned to 16.5 as well as a task all right, I, believe that would be it we can. We can take a look at the last item that we wanted to have in 16.5. Let's see if we'll have capacity to do it, it's lower in our priorities list, um but let's see it's assigned to 16.5 backend is assigned to 16.6, so most probably will be able to to move it to 16.5.

A

Just to make sure that front end will not release the feature without the needed. Backend changes. Okay, we move it. That's that's the first step. We're gonna probably have to remove something probably discussed with product uh manager that something might will might not be able to release and give a mouse down. This is just to have at least a list of things that you would like to have and then we're going to decide about priorities.

A

Okay, um so now the next step, The Next Step, would be to take a look at the Box uh anything that is really important. That has to be solved quickly. So nothing in this Liberty one which is great severity. Two we already have it assigned to the proper milestones and I believe we'll be able to close them uh soon and anything in severity. 3, I'm checking for things that are more important, that's something that that we should handle in 16.5 and, as you can see, these were already assigned.

A

So once the bug is created and we are trashing those bugs, we already assigning the files that we're planning to release it. So that is why you can see them they're on in 16.5 or if there is still discussion going on, they might still be in open stages because we're still discussing about the potential priority or severity uh for them.

A

For now there is nothing else that I should handle I'm moving forward now with bugs so now, I can take a look at the uh at another board that I'm using and an export would be front and back and board, and the liberal stretchboards and manages uh close everything here.

A

Okay stretch the report and I'm gonna just change it to um 16.5.

A

And now we can see, we still have some items that do not have either stretch or deliverable um label assigned. This is something that we'll like to handle right, because we uh we need to do it. um Okay, so, for example, mention UTC. This is like a quick win, oh, but it's literally related to our priorities. I'm moving to stretch um now we have an error, 33 severity tree.

A

My.

A

Yeah, this is something that we we should work on, but we have other higher property box already on the list for now, I'll move it to to the end of the ruble list, we'll see if we will have capacity to do it or if it will assign it as stretch removing indexes this stretch easily um some gross functional tasks like fixed cross joints and so on. This is also a stretch thing index removal stretch, light typical Works incorrectly again. This is something that we probably should look into.

A

So that's my you know important box that might affect customers. We should take care of with higher priority, and then we have not possible to create a scan screen policy within an empty security policy project um we're still discussing it, I'm going to leave it since we marked it as one to fix in the past, so I'm checking why we're still have some discussion going on and I'm going to leave it here, because I'm not sure.

A

If we'll have it ready for the next month, then deprecate the next uh deprecating is also something that we should Argus stretch. Okay, this one is important and I'm doing this. This is based on you know on severity or something that we should release or not. So this is something that I'm just checking and I'm assigning proper uh labels. Then we're gonna again decide what's important and what's not so uh this one is in our priorities list set for next Milestone, so I believe I'm gonna move it uh here uh end to end test.

A

Yes, uh this is the drop we would. It should not have any thresh label component filtering variable. Definitely versioning. First critical policy schema. That's something that we would like to test uh I'm, going to move it to stretch I'm, not sure if we're gonna have time for it, design, something that we're not moving and features like something that we're not moving. Okay. So we checked that stretch the role we more or less know what to do now we can take a cut front and back end based on those labels.

A

uh We have some automation assigned so I'm gonna just set miles down again to the next one is to ensure we have a label. Okay, eight are missing, removing is definitely beckoned cross joints back end, this one um more or less uh fronted and backend, but essentially this is something that I believe I should start with the back end. The security board is a back-end issue.

A

This is something that we need to probably check again. It's it's a one fix we're still discussing that. What we could do with that. It's assigned it's assigned back engineer, so I'm moving it to back end. This stays here and either feature flying designs or planning issues do not have um front and back-end labels assigned okay. That was next step great, so we already have stretched the last side. We have front-end back-end labels assigned now we can take a look actually at the last word that I'm checking, which is a planning board.

A

Yeah and in the planning board I'm, looking at how many issues we have opened here, um we more or less moved things from 164 to 16.5 anything that was not started, anything that is currently in progress. We stay as it is, and now I'm checking, uh because here you'll see only items that are currently open.

A

We do not know how many things we already closed, so what I'm doing here is actually I'm assigning a milestone just to check how many things were already closed so and I'm calculating the weight and also the how many issues more or less, because that gives me some metrics. We have 34 Plus 90, which is 53, and we should aim and I so that usually it's around 50, it's something that we should aim to have 50 issues open. So, let's see I'm gonna check Milestone to 16.

A

5.

A

We have 35 right now, but we're gonna have some items moved from 16.4 that are currently uh we can currently in in Dev or in review stages. So we can actually take a look at the um at this board.

A

At this board and yeah, we have like eight in the three three ready, something in review, so I believe we're going to end up with around 50 50 issues, so it looks more or less okay. Let's take a look at weight because that's also important for me for night, for now it's 19, but again something might slip.

A

um So so, if you take 19 from here and add some items from ready for development and depth, um then you have like 16 plus 19, which is around 35. Again. We can take a look at the previous milestone.

A

Again, it's a heuristic. It's it's a feeling that you'll get with more planning issues you're going to produce in the end, but yeah it's around 30., that's something that we usually release and then 30 40.

A

um This is the goal that we that we have it's not written anywhere. It just a goal that that we aim to have around uh around this way. Okay, 40. looks great um okay. Now we can go again, remove the Milestone label here and now we can take a look at those issues and try to assign uh to to move them properly. On this board, so what I'm doing and actually to to be an accurate?

A

uh What I'm doing I'm going to to the um to our group board I'm going to change the Milestone to the next one, not the given one um okay and then we have something in refinement and then I'm moving things like drivables I'm, going to move up.

A

Is there anything that is durable, gonna move up anything that it's stretching I'm going to move down.

A

That works like this.

A

And then what I'm usually doing, but it takes more time, probably I'm not going to use your time during this video I'm looking at how these issues are connected together, what things I believe should be released earlier, because these are based on the higher priorities. So it's all connected to how this issue is written here are related to epics that are mentioned here and I.

A

Try to to get this list in order according to to disabilities, just to make sure that we're closing issues according to the priorities set by product and uh product manner, management, team and so I'm doing similar things for writing for development list and then automatically after the last Milestone is closed. These things are automatically if we haven't finished something in the last Milestone. These will be moved automatically there and I'm doing again.

A

This work of of moving all things um on this board just to ensure that purchase list is appropriate, and that means that you can also always take a look at the list, get the the item with the highest priority. So this is what I'm doing um to release it after I I have all of that.

A

I have a script that is called connecting to the API um is, is getting all these issues together as Json files, and then it produces me a Content that is needed for for planning issues, so you can take a look here in the end. I'm, not copy, pasting issues that are mentioning here. It's just the API call that I'm doing and based on that I'm able to actually produce this uh this page and provide it to you for feedback. Thank you.

A

If you have any questions, let me know um this was a draft idea of how I'm doing planning my my next item would be to actually write this down to have like some kind of algorithm. That would allow you to um to work on that. If you're interested, let me know if you have any questions. Thank you.