Commit
Harden pipeline pull-request promotions security documentation and recommendations (weaveworks#3540)

* extending token protection
* extending security section for pull requests with greater e2e detail and verification
* updated review token point and typos along the document fixed
* WIP tweak language (squash into previous)
  This is Eneko and Michael going through together and refining some of the points.
* added policy snippets for each of the mentioned policies to provide more guidance to users.
* More WIP tweaking
* updated to use good practices policy library resources
* Refactored policy section adding link to policy library for both rbac good practices and workload escalation.
* using policy config for pipeline ns workload escalation
* added policy config for managing exclusions and workload escalation paths
* Accepted review suggestion
  Co-authored-by: Michael Bridgen <[email protected]>
* Added HMAC link for better understanding
  Co-authored-by: Michael Bridgen <[email protected]>
* typo fixed
  Co-authored-by: Michael Bridgen <[email protected]>
* rewording for more natural reading
  Co-authored-by: Michael Bridgen <[email protected]>
* updated verify security resources to use main branch after PR was merged
* Review rewording to enhance readability and understanding.
  Co-authored-by: Michael Bridgen <[email protected]>
* added info on what to do when there is no direct access to the policy library by a customer.
* allow-flux policyconfig aligned after policy library review
* backport to the latest release

---------

Co-authored-by: Michael Bridgen <[email protected]>