Change the way security implementation issues to be automatically closed
After https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/1074 and #1018 (closed), security merge requests targeting master
will be merged when they're ready to be processed, backports will be merged during the security release.
Since we require on the security template to close the implementation issue if it's targeting master
, security issues are automatically closed once the MR targeting master
is merged. Since the backports are still opened this automatic process needs to change.
Proposal
- Disable "Automatically close security issues" for GitLab Security.
- Implement in release-tools automatically close the security implementation issues once the Security Release finishes
- This can be the last step of the security release
- Update the security merge request template - https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/merge_request_templates/Security%20Release.md#L26
- Update the documentation.
To do
-
Disable "Automatically close issues" on GitLab Security -
Remove the "close issue" step from the issue security template - gitlab-org/gitlab!40286 (merged) -
Remove validation from our tooling - gitlab-org/release-tools!1149 (merged) -
Implement automatic closing in our tooling - gitlab-org/release-tools!1153 (merged) -
Add command to Chatops - gitlab-com/chatops!150 (merged) -
Execute tests - #1106 (closed) -
Update security template with this step - gitlab-org/release-tools!1158 (merged) -
Update current security issue with the new step - https://gitlab.com/gitlab-org/release/tasks/-/issues/1541 -
Update documentation - gitlab-org/release-tools!1158 (merged)
Development log
- Friday 21st, the "automatic closing issues" setting was disabled on GitLab Security. However, after merging some merge requests security issues were automatically closed #1106 (comment 401113654)
- An issue was opened on GitLab canonical gitlab-org/gitlab#240922 (closed)
Tests
-
Create a test Security Release Tracking Issue - https://gitlab.com/gitlab-org/gitlab/-/issues/241749 -
Create three test security implementation issues -
Associate a merged merge request to the first two -
Associate an opened merge request to the last issue -
Execute the command with --dry-run
to ensure it's using the Test Security Release Tracking Issue - https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/1706773
/chatops run release close_issues --security --dry-run
-
Execute the command and verify the security implementation issues were closed - https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/1706804
/chatops run release close_issues --security
See test results #1106 (comment 403377145)
Follow ups:
- Add a validation to prevent closing issues by merge-requests - #1169 (closed)
- Print on slack what issues were closed -
- Gathering feedback about the command on #1162 (closed)
Edited by Mayra Cabrera