Add a ChatOps command to generate Security Release Tracking Issue
Security Release Tracking Issues are manually generated using a template. It'd be great to have a chatops command to generate this automatically
Proposal
Add a ChatOps command to generate this issue, something like
/chatops run security tracking_issue --prepare
Implementation steps
- Add a rake task that create the template on
release-tools
- Add the new command on ChatOps that execute the task on
release-tools
- Modify the security template so Release Managers create a new security release tracking issue as the last step
- Modify documentation to indicate AppSec the security release tracking issue is automatically created
- Remove the template from GitLab
To do
-
Implement the new rake task on release-tools and ChatOps -
Test the new command -
Update the security release patch template - gitlab-org/release-tools!1295 (merged) -
Remove the template from GitLab - gitlab-org/gitlab!48188 (merged) -
Update the documentation on release/docs - gitlab-org/release/docs!303 (merged)
Testing
- Initial testing failed due to:
- A mismatch between the class trigger by the rake task and the class itself. Fixed by gitlab-org/release-tools!1276 (merged), fixed by https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/2336806
-
version
wasn't responding tomilestone_name
fixed by gitlab-org/release-tools!1282 (merged) - Wrong location of the template fixed by gitlab-org/release-tools!1283 (merged)
- On https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/2369211 Security Tracking Issue was successfully created https://gitlab.com/gitlab-org/gitlab/-/issues/284180. There are some issues:
- It uses the wrong milestone, it should use 13.7 instead of 13.6
- It should set the due date to be the last day of the month
- "~upcoming security release" label is not set correctly
- It should be assigned the current release managers.
- After gitlab-org/release-tools!1290 (merged), the Security Release Tracking Issue was successfully generated https://gitlab.com/gitlab-org/gitlab/-/issues/285270
Edited by Mayra Cabrera