[Compliance] - PR Template Changes Required#152

Open
compliance-pr-automation-bot[bot] wants to merge 1 commit into master from compliance-template

@compliance-pr-automation-bot

This repository has been identified as part of HCP's compliance boundary (either directly or transitively as a dependency of another repository) and requires updates to its associated PR template. This PR adds the suggested template changes, but you may reformat them in a way that makes sense for your repository and workflow.

What you need to do:

  • Review the PR template changes proposed in this PR
  • (Optional) Make any edits as necessary, ensuring that the comment including heimdall_github_prtemplate is preserved
  • Approve and merge the PR

compliance-pr-automation-bot bot requested review from a team as code owners June 24, 2025 10:29
Comment on lines +7 to +11
- [ ] If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

- [ ] If applicable, I've documented the impact of any changes to security controls.

Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.
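
Review bot: Both checkboxes shown here open with "If applicable", so an unchecked box cannot be told apart from an item the author skipped, and the merged PR keeps no record of which it was. Consider giving each item an explicit not-applicable choice, or asking the author to write "N/A" with a one-line reason next to the item.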
Member

None of these items seem to apply to any of the open source repositories that this bot has made this PR to.

Hey @tgross, the bot is raising PRs as per the templates provided by the compliance team. The details are mentioned in this doc - https://hashicorp.atlassian.net/wiki/spaces/SEC/pages/2854846483/PCI+PR+Template

I think the first line is pretty generic and can be applied to any repository. The second and third lines, in any case, add an "if applicable" in case the change getting added does not align with them. Adding @Recurzion to keep him in the loop.

Member

I know the context for why it's being added. But you might recall that this is an open source library, so it's an inappropriate control.

Member

Or maybe a better way of putting that is that the template you want here is inappropriate, rather than the control itself. It's fine to have a template, whatever, but that template should reflect the fact that this is an open source library (with external contributors!).

Sure @tgross, we have proposed a new template for public repositories which should be more suitable - https://github.com/hashicorp/test-compliance-pr-automation/pull/9/files (subject to approval for PCI)

Moving ahead with the new template for now, let me know in case anything else is required.

sonamtenzin2 previously approved these changes Jul 1, 2025