-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
issue template: clarify security/crash reporting #10885
Merged
Merged
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| **If you are reporting *any* crash or *any* potential security issue, *do not* | ||
| open an issue in this repo. Please report the issue via emailing | ||
| envoy-security@googlegroups.com where the issue will be triaged appropriately.** | ||
|
|
||
| **Issue Template** | ||
|
|
||
| *Title*: *One line description* | ||
|
|
||
| *Description*: | ||
| >Describe the issue. Please be detailed. If a feature request, please | ||
| describe the desired behaviour, what scenario it enables and how it | ||
| would be used. | ||
|
|
||
| [optional *Relevant Links*:] | ||
| >Any extra documentation required to understand the issue. | ||
|
|
||
| **Bug Template** | ||
|
|
||
| *Title*: *One line description* | ||
|
|
||
| *Description*: | ||
| >What issue is being seen? Describe what should be happening instead of | ||
| the bug, for example: Envoy should not crash, the expected value isn't | ||
| returned, etc. | ||
|
|
||
| *Repro steps*: | ||
| > Include sample requests, environment, etc. All data and inputs | ||
| required to reproduce the bug. | ||
|
|
||
| >**Note**: The [Envoy_collect tool](https://github.com/envoyproxy/envoy/blob/master/tools/envoy_collect/README.md) | ||
| gathers a tarball with debug logs, config and the following admin | ||
| endpoints: /stats, /clusters and /server_info. Please note if there are | ||
| privacy concerns, sanitize the data prior to sharing the tarball/pasting. | ||
|
|
||
| *Admin and Stats Output*: | ||
| >Include the admin output for the following endpoints: /stats, | ||
| /clusters, /routes, /server_info. For more information, refer to the | ||
| [admin endpoint documentation.](https://www.envoyproxy.io/docs/envoy/latest/operations/admin) | ||
|
|
||
| >**Note**: If there are privacy concerns, sanitize the data prior to | ||
| sharing. | ||
|
|
||
| *Config*: | ||
| >Include the config used to configure Envoy. | ||
|
|
||
| *Logs*: | ||
| >Include the access logs and the Envoy logs. | ||
|
|
||
| >**Note**: If there are privacy concerns, sanitize the data prior to | ||
| sharing. | ||
|
|
||
| *Call Stack*: | ||
| > If the Envoy binary is crashing, a call stack is **required**. | ||
| Please refer to the [Bazel Stack trace documentation](https://github.com/envoyproxy/envoy/tree/master/bazel#stack-trace-symbol-resolution). | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,56 +1,12 @@ | ||
| **WARNING: If you want to report crashes, leaking of sensitive information, | ||
| and/or other security issues, please consider | ||
| [reporting them using appropriate channels](https://github.com/envoyproxy/envoy#reporting-security-vulnerabilities).** | ||
| !!!ATTENTION!!! | ||
|
|
||
| **Issue Template** | ||
| If you are reporting *any* crash or *any* potential security issue, *do not* | ||
| open an issue in this repo. Please report the issue via emailing | ||
| envoy-security@googlegroups.com where the issue will be triaged appropriately. | ||
| Thank you in advance for helping to keep Envoy secure. | ||
|
|
||
| *Title*: *One line description* | ||
| !!!ATTENTION!!! | ||
|
|
||
| *Description*: | ||
| >Describe the issue. Please be detailed. If a feature request, please | ||
| describe the desired behaviour, what scenario it enables and how it | ||
| would be used. | ||
|
|
||
| [optional *Relevant Links*:] | ||
| >Any extra documentation required to understand the issue. | ||
|
|
||
|
|
||
|
|
||
| **Bug Template** | ||
|
|
||
| *Title*: *One line description* | ||
|
|
||
| *Description*: | ||
| >What issue is being seen? Describe what should be happening instead of | ||
| the bug, for example: Envoy should not crash, the expected value isn't | ||
| returned, etc. | ||
|
|
||
| *Repro steps*: | ||
| > Include sample requests, environment, etc. All data and inputs | ||
| required to reproduce the bug. | ||
|
|
||
| >**Note**: The [Envoy_collect tool](https://github.com/envoyproxy/envoy/blob/master/tools/envoy_collect/README.md) | ||
| gathers a tarball with debug logs, config and the following admin | ||
| endpoints: /stats, /clusters and /server_info. Please note if there are | ||
| privacy concerns, sanitize the data prior to sharing the tarball/pasting. | ||
|
|
||
| *Admin and Stats Output*: | ||
| >Include the admin output for the following endpoints: /stats, | ||
| /clusters, /routes, /server_info. For more information, refer to the | ||
| [admin endpoint documentation.](https://www.envoyproxy.io/docs/envoy/latest/operations/admin) | ||
|
|
||
| >**Note**: If there are privacy concerns, sanitize the data prior to | ||
| sharing. | ||
|
|
||
| *Config*: | ||
| >Include the config used to configure Envoy. | ||
|
|
||
| *Logs*: | ||
| >Include the access logs and the Envoy logs. | ||
|
|
||
| >**Note**: If there are privacy concerns, sanitize the data prior to | ||
| sharing. | ||
|
|
||
| *Call Stack*: | ||
| > If the Envoy binary is crashing, a call stack is **required**. | ||
| Please refer to the [Bazel Stack trace documentation](https://github.com/envoyproxy/envoy/tree/master/bazel#stack-trace-symbol-resolution). | ||
| If this is not a crash or potential security issue please use | ||
| [ISSUES.md](https://github.com/envoyproxy/envoy/blob/master/ISSUES.md) as a | ||
| template. |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we have both ISSUES_TEMPLATE.md and ISSUES.md after this PR @mattklein123?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see, this is essentially a rough version of what GH now supports through explicit template choosers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, this is pre new stuff. We can definitely make this all better.