This article is used for creating a new project in Secure DevOps (SDO) Enterprise.  It goes beyond the initial service desk request and describes how to configure your project once it has been created.

Step-by-step guide

Preparation for submitting a new project request

Ask the following questions and gather the answers based on your project's needs.

• Environment
  • Have you reviewed the Secure DevOps CONOPS?

• SDO Tool Selection

  • Which tools offered by SDO will your project be using?

  • Agile Management & Collaboration

    • Bitbucket
    • Confluence
    • Fisheye/Crucible
    • Jira
    • Mattermost

• • SDO Pipeline
    • Ansible
    • Artifactory *(requires Project setup by SDO Administrator)
    • Bamboo *(requires Project setup by SDO Administrator)
    • Cucumber
    • CxSAST *(requires Project setup by SDO Administrator)
    • Docker
    • Gradle
    • Jenkins
    • JMeter
    • Junit
    • Kubernetes
    • SeleniumGrid
    • SonarQube *(requires Project setup by SDO Administrator)
    • Xray (*requires Project setup by SDO Administrator)
  • Review Tools Roles & Responsibilities for details.
• User Management
  
  • Who are the employees that need to be added to the project?
  • What are the project roles (e.g., Project Administrator, Developer, Tool Chain Administrator, Build Lead, Deployment Lead, Security Lead, Tester, Reviewer Support)?
  • Does the project require customers or subcontractors access to the project?
    • Identify the user names and their roles. *This may require security token and other security access steps.
• Project Customization
  
  • Review the default workflows for the selected tools. Will customization be required?
  • Review the default issue types in Jira. Will customization be required? If customization is required, you will need to create a separate customization request through the SDO Service Desk.
  • Will you be bringing any of your own tools to the SDO Build toolchain? 
    • Will these non-SDO tools be hosted in ECM within your own VPC such that they can be used within your project toolchain?
    • What are the requirements for the non-SDO offered tools?
    • Are you willing to work with the SDO team ensuring the integration and access to non-SDO tools operate properly within the SDO environment? 
    • NOTE: There will be AWS costs associated with establishing your own VPC to host non-SDO tools. There will be required configurations between your project VPC and the SDO VPC that must be planned, reviewed, and approved by ITS and CISO. Non-SDO tools will need to be assessed by CIS Risk Management for known vulnerabilities and approved before they can be installed, integrated, and used with SDO.

Request New Project Steps

1. Use the answers from the preparation above to login to the SDO Service Desk and request a new project.
   
   1. Enterprise Hosted Projects - the project will be hosted in the SDO environment.
2. After the new project request has been submitted, the SDO Administrator will provide the products for you.  Depending on complexity and customization, the SDO Administrator may need to conduct an engineering meeting with your team. You will receive email updates through the SDO Service Desk system.
3. Once the products have been provisioned, you will receive an email from the SDO Service Desk with a Welcome to SDO comment and a request for you to verify access.  The Welcome details will include the following:
   1. URL to each product that has been provisioned for your project
   2. URL to the SDO Knowledge Board articles as needed for the products provisioned for your project.
4. Once you receive the confirmation your project has been provisioned attempt to login to each of the product URLs in your welcome message.
   1. You must be connected to the Leidos network (VPN or direct).
   2. Use your Leidos credentials (username and password)
   3. Confirm you can see your project landing page (Confluence = Space, Jira = Board)
5. If you have requested Confluence, go to this article for details on what you need to do to complete the onboarding process and take ownership of your project space.
   If you have requested the Bamboo Pipeline, go to the Bamboo articles such as adding repositories, repository permissions, using ssh, configuring the Per Build Plan, etc.
6. If you have requested Artifactory, go to Artifactory  articles for configuring access to the repository.
7. If you have requested CxSAST, go to CxSASTarticles for configuring access and running vulnerability scans.
8. Every project has access to a SDO Dashboard. Use this article for configuring your project's Dashboard.

Related articles

Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.