Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create CNA GitHub webpage repo and DNS CNAME #238

Closed
ruddermann opened this issue Oct 7, 2024 · 2 comments
Closed

Create CNA GitHub webpage repo and DNS CNAME #238

ruddermann opened this issue Oct 7, 2024 · 2 comments
Assignees
@bensternthal @ruddermann
Milestone
DESTF Milestone 7

Comments

@ruddermann
Copy link
Collaborator

ruddermann commented Oct 7, 2024
edited
Loading

The CNA requires a URL for us to post security advisories. Based on the OpenJS CNA Application the consensus is this should be security.openjsf.org.

  • The repository for this website will be security-advisories
  • The GitHub webpage URL will be openjs-foundation.github.io/security-advisories
  • We will create a DNS CNAME record for security.openjsf.org that redirects to the GitHub webpage URL.
@ruddermann ruddermann self-assigned this Oct 7, 2024
@ruddermann ruddermann added this to the DESTF Milestone 7 milestone Oct 7, 2024
@ruddermann ruddermann changed the title Create CNA GitHub webpage repo and website Create CNA GitHub webpage repo and DNS CNAME Oct 7, 2024
@ruddermann ruddermann mentioned this issue Oct 7, 2024
Closed
@achrinza achrinza mentioned this issue Oct 26, 2024
Open
@ruddermann
Copy link
Collaborator Author

Howdy @bensternthal! The placeholder website for security advisories is now live: https://openjs-foundation.github.io/security-advisories/

There are two things to do now: 1) configure the security.openjsf.org CNAME record and 2) verify the domain

  1. To have security.openjsf.org redirect to the repo page, update the openjsf.org DNS with the following cname record:

security CNAME openjs-foundation.github.io. (the extra dot on the end is important)

  1. To verify the domain for an organizational site, follow the instructions here. It doesn’t seem that I have the admin privileges to see the Settings link it mentions.

Once these are complete, reassign to @ruddermann and I can finish setting things up!

@bensternthal
Copy link
Contributor

This is complete, note I had to configure the custom domain in the security-advisory repo.

@github-project-automation github-project-automation bot moved this from In Progress to Done in DESTF - Security Project Tracking Dec 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bensternthal bensternthal

@ruddermann ruddermann

Labels
None yet
Projects
DESTF - Security Project Tracking
Status: Done
Milestone
DESTF Milestone 7
Development

No branches or pull requests
2 participants
@bensternthal @ruddermann