124906d084
- Introduced multiple guides for workflows including Evidence Pack Validation, Incident Response, Model Validation, Performance & HIL, Release Signing, SBOM Validation, Secret Scanning, and Supply Chain Attestation. - Created dynamic badges for each workflow to reflect their status and compliance. - Implemented a checklist for validating CI/CD workflows and evidence packs. - Developed scripts for building firmware, testing, collecting evidence, and generating audit reports. - Added tools for generating community, documentation, quality, and security badges based on various reports. - Established endpoints for dynamic badges to be integrated into documentation and README files. - Enhanced the overall structure and traceability of CI/CD processes with evidence packs and automated checks.
780 B
780 B
Guide Workflow Evidence Pack Validation
Objectif
Garantir la présence et la validité des artefacts de conformité (evidence pack) à chaque étape du CI/CD.
Outils utilisés
- Scripts custom de validation
- Evidence pack YAML/JSON
Logique du workflow
- Vérification automatique de l’evidence pack à chaque build/release
- Publication des artefacts validés
Critères de conformité
- Evidence pack complet et valide
- Artefacts accessibles et traçables
Badge dynamique
- Endpoint JSON : docs/badges/evidence_pack_badge.json
- Intégration dans README
Vérification
- Le badge doit afficher le statut de validation de l’evidence pack
- Les artefacts sont accessibles dans les releases ou CI