Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Self-Assessment] Container Network Interface (CNI) #28

Open
27 of 36 tasks
jasonliny opened this issue Nov 20, 2023 · 0 comments
Open
27 of 36 tasks

[Security Self-Assessment] Container Network Interface (CNI) #28

jasonliny opened this issue Nov 20, 2023 · 0 comments

Comments

@jasonliny
Copy link

jasonliny commented Nov 20, 2023
edited
Loading

Details

Project Name: Container Network Interface (CNI)

Github URL: https://github.com/containernetworking/cni

CNCF project stage: Incubation preparing for Graduation

Security Provider: No

Self-assessment link (before PR): CNI Security Self-Assessment

Tasks

  • Stage 1: Preparation

    • Create a GitHub issue for the security self assessment of CNI project.
    • Create a place holder of security self assessment.
      • Create a fork of the CNCF Tag-Security in your Github.
      • Create a new folder for the CNI project.
      • Add the security self assessment template under the project folder.
      • Issue link of Initial Commit: ba605be
    • Review Documentation of the CNI project.

  • Stage 2: Understand the Project Landscape

    • Understand the overall project at a sufficient level of detail.
    • Update overview section

  • Stage 3: First complete draft of the Self Assessment

    • Document technical specifications of the CNI project.
      • Self assessment use
        commit: a501962
      • Security functions and features
        commit: 9e989a5
      • Project compliance
        commit: 4d70d8a
      • Secure development practices
        commit: 705ebcd
      • Security issue resolution
        commit: 548fdee
      • Appendix
        commit: 5c491f8
    • Complete the security self assessment draft.

  • Stage 4: Iteration with the project

    • Initiate discussion with CNI project maintainers.
    • Incorporate inputs and feedback from CNI project maintainers.
    • Document the findings.

  • Stage 5: Finalization

    • Initiate PR
    • Get feedback and findings from reviewers
    • Fix the findings
    • Merge the PR
    • Close the issue
@jasonliny jasonliny changed the title [Security Self-Assessment] Project Name [Security Self-Assessment] Container Network Interface (CNI) Nov 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jasonliny