omantel ci/cd workflows under development

# omantel ci/cd workflows under development - identify application sources - collect and classify all application sources according to application implementation, type, group, stakeholders and audience - implement maturity scoring engine based on application metadata - produce summary reporting of landscape maturity in clickup - notify stakeholders by email summary when maturity scores change and provide links to clickup reports - create observations in clickup representing ongoing development work recorded in gitlab and jecnkins - observe gitlab commits and pushes - observe jenkins builds - create clickup folders representing the gitlab namespace (group) if they don't yet exist in clickup - create clickup subfolders representing the gitlab repo (application), under the correct namespace/group folder, if they don't yet exist in clickup - report git pushes and component commit messages to clickup under the appropriate folder and subfolder - report resulting jenkins build statuses to clickup under the appropriate folder and subfolder - notify relevant developers and stakeholders through msteams about the clickup event and provide a link to the specific clickup event to allow modification of the generated clickup content - observe and prioritise security incidents - observe azure sentinel incident reports - develop a rules engine to recognise and classify incidents using string matching, rule mappings and incident classification owners - create incident summary reports taking care to filter out sensitive and personally identifiable information - send email notification summaries with sensitive data removed, to the incident classification owner along with links to the protected sentinel interfaces for in-depth analysis. - create high level incident count reports in clickup and notify relevant stakeholders with msteams providing links to the clickup reports - vulnerability scanning - observe gitlab repository commits - observe jenkins builds - observe openshift deployment records - observe kibana reports - observe cve list - develop a rules engine to recognise and classify vulnerabilities using string matching, certificate validation, container definitions, dependency version checking, cve list, rule mappings and vulnerability classification owners - create vulnerability summary reports taking care to filter out sensitive and personally identifiable information - send email notification summaries with sensitive data removed, to the vulnerability classification owner along with links to the protected sentinel interfaces for in-depth analysis. - create high level vulnerability count reports in clickup and notify relevant stakeholders with msteams providing links to the clickup reports