New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve GitLab Security policy #263

Open

tas50 opened this issue Sep 19, 2023 · 1 comment

Member

tas50 commented Sep 19, 2023 •

edited

Loading

Describe the bug
There are a few things we can extend cnquery to check and then add to this policy per: https://about.gitlab.com/blog/2023/05/31/securing-your-code-on-gitlab/ as well as some common sense items from the API.

Groups:

Blocking forking repos outside the project
Enable delayed project deletion
Limit creating subgroups to owners
Limit creating projects to owners

Projects:

Disable treating skipped pipelines as successful
Only allow merges if pipelines succeed
Use separate caches for protected branches.
Disable public builds
Set the releases access level to private
Use separated caches for protected branches
Disable shared runners

Member Author

tas50 commented Aug 9, 2024

@HRouhani Is there anything worth adding here now that we have the CIS benchmark?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment