
Design and Build Application Security Pipeline Components for Gitlab
Open, Medium, Public

Description

The Wikimedia Security-Team would like to design and build certain components for a modern application security pipeline within the Wikimedia instance of Gitlab (https://gitlab.wikimedia.org/). There is a small (though important) amount of security-related tooling which runs within the context of Gerrit (LibUp, phan-taint-check-plugin). We would like to expand upon these tools by crafting a single repository where various security-related .gitlab-ci.yml templates would live and be included by relevant repositories via Gitlab's modular CI design. These included CI templates would make use of many of Wikimedia's existing Docker images and run security-related tools (npm audit, etc.) during various Gitlab CI/CD pipelines, and potentially via additional automated and manual triggers.
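As an added illustration of the modular design described above (example configuration, not code from the Security-Team or from any existing Wikimedia repository), here is a shared npm audit template and a consuming repository's .gitlab-ci.yml that includes it. The template project path `repos/security/ci-templates`, the image name and the job body are assumptions; the `include:`, `extends:`, `rules:` and `artifacts:` keys are standard Gitlab CI syntax.

```yaml
# --- templates/npm-audit.yml in the shared security-templates repository (assumed path) ---
# Hidden job (leading dot): the template itself never runs, consumers extend it.
.npm-audit:
  stage: test
  # Assumption: a Node image from Wikimedia's own registry would be used here.
  image: docker-registry.example.org/node:latest
  variables:
    # Fail the job only on findings at this severity or above.
    NPM_AUDIT_LEVEL: "high"
  script:
    # npm audit reads package-lock.json; no dependency install is needed.
    # Machine-readable report first, kept as an artifact even when the gate below fails.
    - npm audit --json > npm-audit.json || true
    # Gate: non-zero exit (failed job) on findings at NPM_AUDIT_LEVEL or above.
    - npm audit --audit-level="$NPM_AUDIT_LEVEL"
  artifacts:
    when: always
    paths:
      - npm-audit.json
    expire_in: 1 week
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
    # Scheduled pipelines re-audit unchanged code against newly published advisories.
    - if: $CI_PIPELINE_SOURCE == "schedule"
---
# --- .gitlab-ci.yml in a consuming repository ---
include:
  - project: 'repos/security/ci-templates'   # assumed path of the shared template repo
    ref: main                                  # pin to a tag or commit SHA for reproducible runs
    file: '/templates/npm-audit.yml'

stages:
  - test

npm-audit:
  extends: .npm-audit
  # Report findings without blocking merges during rollout; drop once triage is in place.
  allow_failure: true
```

Because the consuming repository only references the template, updating the audit logic (severity threshold, tool version, report format) in the shared repository changes every pipeline that includes it.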
