3:02 a.m.
Karsten and sig-community,
while sig-operations can handle the technical onboarding (as Anand did) and
also decide if operations of said service should be part of the community
cloud platform offering, we should also come up with some process on
welcoming and onboarding the RapiDAST community to operate first. Maybe a
good discussion topic for the next sig-community meeting
On Fri, Jan 21, 2022 at 7:17 AM Anand Sanmukhani <asanmukh(a)redhat.com>
wrote:
Hey Jeremy, RapiDAST looks like an awesome project! I think it would
be a
great addition to the list of services deployed in Operate First clusters.
> For onboarding, implementation of an operator and work to get it onboard
is yet to be done. Any guidance or references on processes, requirements or
implementation will be much appreciated.
To get started, I would suggest you request a namespace with
appropriate resources on one of our clusters (the MOC/Smaug cluster should
have enough resources available for you). To do so, you can follow the
instructions here
<https://www.operate-first.cloud/apps/content/cluster-scope/onboarding_to_...
.
Once you get access to a namespace, you can deploy RapiDAST there and work
on figuring out the implementation details for the operator.
Please let us know if the steps listed in the docs don't work for you, we
are constantly trying to improve on our documentation and any feedback is
appreciated.
- Anand
On Fri, Jan 21, 2022 at 12:02 AM Jeremy Choi <jechoi(a)redhat.com> wrote:
> Hi all
>
> RapiDAST is made public now at
> https://github.com/RedHatProductSecurity/rapidast.
>
> RapiDAST is currently providing a framework for automated dynamic
> scanning against web API. The goal here in terms of OperateFirst is:
>
> RapiDAST to be running as a service for the community hosted on operate
> first clusters. Any service running on operate first and any other
> community service can use RapiDAST to check for security risks in their API.
>
> For onboarding, implementation of an operator and work to get it onboard
> is yet to be done. Any guidance or references on processes, requirements or
> implementation will be much appreciated.
>
> Thanks
> --
> Jeremy Choi / Red Hat Product Security
> _______________________________________________
> Community mailing list -- community(a)lists.operate-first.cloud
> To unsubscribe send an email to community-leave(a)lists.operate-first.cloud
>
_______________________________________________
Community mailing list -- community(a)lists.operate-first.cloud
To unsubscribe send an email to community-leave(a)lists.operate-first.cloud