[Community] Re: Onboarding RapiDAST

Thank you for the feedback @Jeremy Choi <jechoi(a)redhat.com&gt; and for a follow up PR contribution! I sorted it out by manually pushing in the terminal via the "Open git > Repository in Terminal" menu. The instruction on > http://elyra-aidevsecops-tutorial.catalog.meteor.zone/docs/source/push-ch... > wasn't for pushing the user's forked project. > > It would be nice to add some comments(or instructions) to the notebook. > Good point, could I encourage you convert this to a github issue here: https://github.com/operate-first/support/issues ? On Wed, Feb 9, 2022 at 9:17 PM Jeremy Choi <jechoi(a)redhat.com&gt; wrote: > Hi Humair and Anand, > > Some feedback on doc - mainly, two things: > > 1. It could be just me, but it was a little ambiguous to me (took a bit > to figure out) what to do exactly for onboarding. > > I've created a PR https://github.com/operate-first/apps/pull/1603, just > trying to show an example of how it could be improved. It's just my 2c so > please feel free to accept, edit or ignore. > > 2. The notebook needs to be improved re 'git push' > > 'git push' in the notebook will require the user to put their > username/password for Github authentication, which makes the notebook run > hang, if simply running the notebook. (waiting for user input which doesn't > seem to be possible to be provided) > > I sorted it out by manually pushing in the terminal via the "Open git > Repository in Terminal" menu. The instruction on > http://elyra-aidevsecops-tutorial.catalog.meteor.zone/docs/source/push-ch... > wasn't for pushing the user's forked project. > > It would be nice to add some comments(or instructions) to the notebook. > > Thanks > -- > Jeremy Choi / Red Hat Product Security > > > On Thu, Feb 3, 2022 at 2:13 AM Humair Khan <hukhan(a)redhat.com&gt; wrote: > >> Hello Jeremy -- the pr was merged and changes were deployed live. The >> provisioned namespace on smaug can be found here: >> https://console-openshift-console.apps.smaug.na.operate-first.cloud/k8s/n... >> >> > while I'm going to provide more feedback on the doc later >> >> Please do! >> >> Let us know if you have any other questions. >> >> On Wed, Feb 2, 2022 at 2:34 AM Jeremy Choi <jechoi(a)redhat.com&gt; wrote: >> >>> Hi Anand >>> >>> Thanks! I created a PR - >>> https://github.com/operate-first/apps/pull/1572. >>> >>> -- >>> Jeremy Choi / Red Hat Product Security >>> >>> >>> On Wed, Feb 2, 2022 at 12:14 AM Anand Sanmukhani <asanmukh(a)redhat.com&gt; >>> wrote: >>> >>>> Hey Jeremy, we have some instructions available here >>>> <http://elyra-aidevsecops-tutorial.catalog.meteor.zone/docs/source/push-ch... that >>>> might help you with this. >>>> >>>> > while I'm going to provide more feedback on the doc later >>>> thanks! please create a new issue in this repo >>>> <https://github.com/operate-first/operate-first.github.io/issues> with >>>> your feedback. >>>> >>>> >>>> - Anand >>>> >>>> On Mon, Jan 31, 2022 at 10:58 PM Jeremy Choi <jechoi(a)redhat.com&gt; >>>> wrote: >>>> >>>>> Hi Anand >>>>> >>>>> Just getting in touch with you to ask you for a tip for my issue... >>>>> >>>>> (while I'm going to provide more feedback on the doc later) >>>>> everything worked good as described in >>>>> https://www.operate-first.cloud/apps/content/notebooks/onboarding_project..., >>>>> except 'git push' required my input for github username(and possibly >>>>> password afterwards). The results shown in the doc don't require a username >>>>> so there could be some steps to deal with the credentials. >>>>> >>>>> The JH notebook seems to be waiting for my input while running code, >>>>> but the thing is, how can I input? Or otherwise, could you advise me how >>>>> to sort out the authentication issue? >>>>> >>>>> Thanks >>>>> Jeremy >>>>> >>>>> On Mon, Jan 24, 2022 at 4:24 PM Jeremy Choi <jechoi(a)redhat.com&gt; >>>>> wrote: >>>>> >>>>>> Thanks all. >>>>>> >>>>>> I will be able to go through the guidance Anand provided next week >>>>>> ASAP. >>>>>> >>>>>> If there is anything else that should be done on our side for >>>>>> onboarding(or anything we could help with), please feel free to let me know. >>>>>> >>>>>> -- >>>>>> Jeremy Choi / Red Hat Product Security >>>>>> >>>>>> >>>>>> On Sat, Jan 22, 2022 at 6:19 AM Karsten Wade <kwade(a)redhat.com&gt; >>>>>> wrote: >>>>>> >>>>>>> Yes, I included onboarding as a purview of SIG-Community, at least >>>>>>> until we form SIG-Onboarding. :D >>>>>>> >>>>>>> Having RapiDAST as our first new community connecting since the new >>>>>>> governance is a great way to check on what we have and what we need for >>>>>>> this. >>>>>>> >>>>>>> On Fri, Jan 21, 2022 at 1:03 AM Marcel Hild <mhild(a)redhat.com&gt; >>>>>>> wrote: >>>>>>> >>>>>>>> Karsten and sig-community, >>>>>>>> while sig-operations can handle the technical onboarding (as Anand >>>>>>>> did) and also decide if operations of said service should be part of the >>>>>>>> community cloud platform offering, we should also come up with some process >>>>>>>> on welcoming and onboarding the RapiDAST community to operate first. Maybe >>>>>>>> a good discussion topic for the next sig-community meeting >>>>>>>> >>>>>>>> On Fri, Jan 21, 2022 at 7:17 AM Anand Sanmukhani < >>>>>>>> asanmukh(a)redhat.com&gt; wrote: >>>>>>>> >>>>>>>>> Hey Jeremy, RapiDAST looks like an awesome project! I think it >>>>>>>>> would be a great addition to the list of services deployed in Operate First >>>>>>>>> clusters. >>>>>>>>> >>>>>>>>> > For onboarding, implementation of an operator and work to get >>>>>>>>> it onboard is yet to be done. Any guidance or references on processes, >>>>>>>>> requirements or implementation will be much appreciated. >>>>>>>>> >>>>>>>>> To get started, I would suggest you request a namespace with >>>>>>>>> appropriate resources on one of our clusters (the MOC/Smaug cluster should >>>>>>>>> have enough resources available for you). To do so, you can follow the >>>>>>>>> instructions here >>>>>>>>> <https://www.operate-first.cloud/apps/content/cluster-scope/onboarding_to_... >>>>>>>>> . >>>>>>>>> Once you get access to a namespace, you can deploy RapiDAST there >>>>>>>>> and work on figuring out the implementation details for the operator. >>>>>>>>> >>>>>>>>> Please let us know if the steps listed in the docs don't work for >>>>>>>>> you, we are constantly trying to improve on our documentation and any >>>>>>>>> feedback is appreciated. >>>>>>>>> >>>>>>>>> - Anand >>>>>>>>> >>>>>>>>> On Fri, Jan 21, 2022 at 12:02 AM Jeremy Choi <jechoi(a)redhat.com&gt; >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Hi all >>>>>>>>>> >>>>>>>>>> RapiDAST is made public now at >>>>>>>>>> https://github.com/RedHatProductSecurity/rapidast. >>>>>>>>>> >>>>>>>>>> RapiDAST is currently providing a framework for automated >>>>>>>>>> dynamic scanning against web API. The goal here in terms of OperateFirst >>>>>>>>>> is: >>>>>>>>>> >>>>>>>>>> RapiDAST to be running as a service for the community hosted on >>>>>>>>>> operate first clusters. Any service running on operate first and any other >>>>>>>>>> community service can use RapiDAST to check for security risks in their API. >>>>>>>>>> >>>>>>>>>> For onboarding, implementation of an operator and work to get it >>>>>>>>>> onboard is yet to be done. Any guidance or references on processes, >>>>>>>>>> requirements or implementation will be much appreciated. >>>>>>>>>> >>>>>>>>>> Thanks >>>>>>>>>> -- >>>>>>>>>> Jeremy Choi / Red Hat Product Security >>>>>>>>>> _______________________________________________ >>>>>>>>>> Community mailing list -- community(a)lists.operate-first.cloud >>>>>>>>>> To unsubscribe send an email to >>>>>>>>>> community-leave(a)lists.operate-first.cloud >>>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Community mailing list -- community(a)lists.operate-first.cloud >>>>>>>>> To unsubscribe send an email to >>>>>>>>> community-leave(a)lists.operate-first.cloud >>>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Community mailing list -- community(a)lists.operate-first.cloud >>>>>>>> To unsubscribe send an email to >>>>>>>> community-leave(a)lists.operate-first.cloud >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Karsten Wade [he/him/his] | Senior Community Architect | @quaid >>>>>>> Red Hat Open Source Program Office (OSPO) : @redhatopen >>>>>>> The Open Source Way : https://theopensourceway.org >>>>>>> Operate First : https://operate-first.cloud >>>>>>> >>>>>> _______________________________________________ >>> Community mailing list -- community(a)lists.operate-first.cloud >>> To unsubscribe send an email to >>> community-leave(a)lists.operate-first.cloud >>> >>