Issue to be exempted in "This Pipeline" instead of "This project"
pending feedback
F
Flexible Lemur
When create exemption request, in the question "Where do you want this issue to be exempted", by default "This Project" is selected, but we'd like the default to be "This pipeline" instead.
Log In
F
Flexible Lemur
Hello Pritesh,thanks for the feedback. The intention is to exempt by the pipeline level only hence the ask to make the default to "This pipeline". Because the issue will be unique to the pipeline only. Also, regarding to the reason to be exempted "fix unavailable" or "false postive" etc. It could be applicable to 1 repo but not the other.
Pritesh Chandaliya
pending feedback
Hello Truc,
Can you please help us to understand what is the intent for the above feature request?
Background: Harness STO has Account > Organization > Project as the hierarchy and under each project there can be multiple pipelines defined.
Project is scoped for a specific development team, while organization is for a Business Unit and Account is for the company wide (across all the BU) scope.
So if a developer is exempting an issue/vulnerability then it make sense that it is exempted for the Project scope as the default because then Product Security team can analyze request and take the decision collectively for the team and not just a developer (pipeline creator).
Let us know your thoughts, thanks!