Page MenuHomePhabricator
Create Task
Maniphest T371814

[EPIC] Universal Security Dashboard
Open, In Progress, MediumPublic
Actions

Description

The Security-Team will create a stand-alone security dashboard that will:

  1. Exist within a relatively private and secure environment (hopefully a dedicated host within Wikimedia production)
  2. Provide the infrastructure to configure and locally cache numerous public git repositories and associated data
  3. Provide the means to schedule and run numerous FOSS security tools against various codebases
  4. Provide a minimal means of reporting issues from the aforementioned FOSS security tools

Related Objects
Search...

StatusSubtypeAssignedTask
 In ProgressNoneT371814 [EPIC] Universal Security Dashboard
 ResolvedsbassettT371817 Create development environment instance for security dashboard under wikimedia cloud services
 ResolvedmmartoranaT371818 Investigate puppet configuration/profile for a stand-alone python/django application under wmcs bookworm instance
 ResolvedsbassettT371819 Investigate git repository management and caching solution
 ResolvedsbassettT371820 Investigate stand-alone CI and job-runner FOSS solutions
 ResolvedmmartoranaT371821 Investigate reporting options for various tools, tabular CLI reports, etc.
 ResolveddcaroT373386 Request creation of usdtest VPS project
 InvalidNoneT373477 Request a CloudVPS floating IP for the usdtest account
 ResolvedsbassettT377762 Create a workable docker-compose.yml for the USD application
 ResolvedMstylesT377763 Establish baseline dependencies and application structure
 DuplicateNoneT377766 Create basic django models for initial release of the project
 ResolvedmmartoranaT377769 Research and determine initial security tools
ResolvedsbassettT379003 Commit and merge basic django app framework structure
 In ProgressmmartoranaT379005 Discuss and determine django ORM structure for initial application
 In ProgressmmartoranaT379007 Discuss best authn/z methods for initial phase of application development
 In ProgresssbassettT379009 As a user I should be able to perform CRUD operations via the django REST API for various mutable objects
 OpenNoneT379010 Design task/job queue for task runs for initial phase of project
 ResolvedMstylesT379011 Determine list of projects for initial phase of development
 In ProgressacooperT380306 Create basic specification (one-pager) and/or Decision Record Overview documents for USD

Event Timeline

sbassett created this task.Aug 5 2024, 3:11 PM
Restricted Application added a project: Epic. · View Herald TranscriptAug 5 2024, 3:11 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
sbassett updated the task description. (Show Details)Aug 5 2024, 3:13 PM
sbassett added a project: user-sbassett.
sbassett mentioned this in Universal Security Dashboard.Aug 5 2024, 3:17 PM
sbassett added a project: Universal Security Dashboard.
sbassett closed subtask T371817: Create development environment instance for security dashboard under wikimedia cloud services as Resolved.Aug 5 2024, 3:26 PM
sbassett moved this task from Incoming to In Progress on the Security-Team board.Aug 5 2024, 4:04 PM
sbassett added a project: SecTeam-Processed.
sbassett moved this task from Backlog to In Progress on the user-sbassett board.Aug 19 2024, 3:23 PM
sbassett renamed this task from [EPIC] Security Dashboard to [EPIC] Universal Security Dashboard.Aug 26 2024, 7:00 PM
sbassett changed the task status from Open to In Progress.
sbassett triaged this task as Medium priority.
sbassett mentioned this in T373386: Request creation of usdtest VPS project.Aug 26 2024, 7:04 PM
sbassett added a subtask: T373386: Request creation of usdtest VPS project.
dcaro closed subtask T373386: Request creation of usdtest VPS project as Resolved.Aug 27 2024, 8:39 AM
sbassett reopened subtask T373386: Request creation of usdtest VPS project as Open.Aug 27 2024, 6:42 PM
taavi closed subtask T373386: Request creation of usdtest VPS project as Resolved.Aug 28 2024, 8:34 AM
mmartorana changed the status of subtask T371818: Investigate puppet configuration/profile for a stand-alone python/django application under wmcs bookworm instance from Open to In Progress.Aug 28 2024, 3:17 PM
CodeReviewBot added a project: Patch-For-Review.Sep 25 2024, 8:44 PM

sbassett opened https://gitlab.wikimedia.org/repos/security/universal-security-dashboard/-/merge_requests/1

Initiate Python project repository

CodeReviewBot added a comment.Sep 26 2024, 3:14 PM

mmartorana merged https://gitlab.wikimedia.org/repos/security/universal-security-dashboard/-/merge_requests/1

Initiate Python project repository

Maintenance_bot removed a project: Patch-For-Review.Sep 26 2024, 3:31 PM
sbassett closed subtask T371820: Investigate stand-alone CI and job-runner FOSS solutions as Resolved.Oct 1 2024, 8:18 PM
sbassett closed subtask T371819: Investigate git repository management and caching solution as Resolved.Oct 7 2024, 6:27 PM
mmartorana closed subtask T371818: Investigate puppet configuration/profile for a stand-alone python/django application under wmcs bookworm instance as Resolved.Oct 8 2024, 10:06 AM
mmartorana changed the status of subtask T371821: Investigate reporting options for various tools, tabular CLI reports, etc. from Open to In Progress.Oct 9 2024, 4:31 PM
sbassett closed subtask T371821: Investigate reporting options for various tools, tabular CLI reports, etc. as Resolved.Oct 21 2024, 5:06 PM
mmartorana added a subscriber: Mstyles.Oct 21 2024, 5:12 PM
mmartorana changed the status of subtask T377769: Research and determine initial security tools from Open to In Progress.Oct 23 2024, 1:30 PM
sbassett changed the status of subtask T377763: Establish baseline dependencies and application structure from Open to In Progress.Oct 28 2024, 5:14 PM
sbassett changed the status of subtask T377762: Create a workable docker-compose.yml for the USD application from Open to In Progress.
sbassett changed the status of subtask T379011: Determine list of projects for initial phase of development from Open to In Progress.Wed, Nov 6, 5:46 PM
sbassett closed subtask T377763: Establish baseline dependencies and application structure as Resolved.Thu, Nov 7, 4:29 PM
Mstyles closed subtask T379011: Determine list of projects for initial phase of development as Resolved.Tue, Nov 19, 6:12 PM
mmartorana closed subtask T377769: Research and determine initial security tools as Resolved.Wed, Nov 20, 3:50 PM
sbassett closed subtask T377762: Create a workable docker-compose.yml for the USD application as Resolved.Fri, Nov 22, 9:32 PM
sbassett closed subtask T379003: Commit and merge basic django app framework structure as Resolved.
sbassett changed the status of subtask T379005: Discuss and determine django ORM structure for initial application from Open to In Progress.Fri, Nov 22, 9:34 PM
sbassett changed the status of subtask T379007: Discuss best authn/z methods for initial phase of application development from Open to In Progress.
sbassett changed the status of subtask T379009: As a user I should be able to perform CRUD operations via the django REST API for various mutable objects from Open to In Progress.
sbassett changed the status of subtask T380306: Create basic specification (one-pager) and/or Decision Record Overview documents for USD from Open to In Progress.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits