Merge pull request #380 from linear-b/soc2

Soc2 Integration Page

docs/automations/standard/flag-merged-no-review/README.md

@@ -0,0 +1,43 @@
+---
+title: Automation - Flag Code That's Merged Without Review
+description: Automatically send notifications to your team when code is merged without review.
+---
+# Flag Code That's Merged Without Review
+
+<!-- --8<-- [start:example]-->
+
+Automatically send notifications to your team when code is merged without review.
+
+<div class="automationImage" markdown="1">
+![Flag Code That's Merged Without Review](/automations/standard/flag-merged-no-review/flag-merged-no-review.png)
+
+![Slack Message](/automations/standard/flag-merged-no-review/slack-message.png)
+</div>
+
+
+<div class="automationDescription" markdown="1">
+!!! info "Configuration Description"
+
+    Conditions (all must be true):
+
+    * A PR is merged without at least one review.
+
+    Automation Actions:
+
+    * Send a Slack notification to alert your team.
+    * Apply a red `DCF5-merged-without-review` label.
+    * Post a comment explaining SOC II requirements.
+</div>
+
+
+<div class="automationExample" markdown="1">
+!!! example "Flag Code That's Merged Without Review"
+    ```yaml+jinja
+    --8<-- "docs/downloads/automation-library/standard/flag_merged_no_review.cm"
+    ```
+    <div class="result" markdown>
+      <span>
+      [:octicons-download-24: Download this example as a CM file.](/downloads/automation-library/standard/flag_merged_no_review.cm){ .md-button }
+      </span>
+    </div>
+<!-- --8<-- [end:example]-->

docs/downloads/automation-library/standard/flag_merged_no_review.cm

@@ -0,0 +1,39 @@
+# -*- mode: yaml -*-
+
+manifest:
+  version: 1.0
+on:
+  - merge
+
+# https://docs.gitstream.cm/automation-actions/#send-slack-message
+slack_webhook: {{ env.SLACK_WEBHOOK }}
+
+# Update security_team to match your organization
+security_team: 'my-org/app-sec'
+
+automations:
+  flag_merged_no_review:
+    if:
+      - {{ pr.approvals | length == 0 }}
+    run:
+      - action: add-label@v1
+        args:
+          label: "DCF5-merged-without-review"
+          color: {{ colors.red }}
+
+      - action: send-slack-message@v1
+        args:
+          message: "PR #{{ pr.number }} - {{ pr.title }} - was merged without peer reviews. SOC2 requires code reviews for every code change. _SOC2 ref: CC8.1_"
+          webhook_url: "{{ slack_webhook }}"
+
+      - action: add-comment@v1
+        args:
+          comment: |
+            This PR was merged without peer reviews. SOC2 requires code reviews for every code change.
+            _SOC2 ref: CC8.1_
+
+            @{{ security_team }}
+
+
+colors:
+  red: 'F6443B'

docs/integrations/README.md

@@ -49,7 +49,7 @@ visible: false
 
 </div>
 
-## Security
+## Security & Compliance
 
 <div class="integrations-list" markdown="1">
 
@@ -89,6 +89,12 @@ visible: false
 </div>
 </div>
 
+<div class="integrations-card" markdown="1">
+<div class="integrations-card-title" markdown="1">
+[:material-lock: SOC 2](/integrations/soc2)
+</div>
+</div>
+
 </div>
 
 ## Project Management

docs/integrations/soc2.md

@@ -0,0 +1,13 @@
+---
+title: Use gitStream for SOC 2 compliance.
+description: Implement workflow automations to help your team remain SOC 2 compliant during the code review process.
+---
+gitStream policy-as-code makes it easy to implement workflow automations that help your team remain SOC 2 compliant during the code review process.
+
+
+## Flag Code That's Merged Without Review
+--8<-- "docs/automations/standard/flag-merged-no-review/README.md:example"
+
+## Additional Resources
+
+--8<-- "docs/snippets/general.md"