Notify Release Managers if a security merge request was not merged
Security merge requests targeting master
are merged by triggering a pipeline and setting MWPS, if the pipeline fails the merge request is not merged. Currently, the Release Manager is not notified about this failure, the only way to find out is for the release manager to review each security issue, find the security merge request targeting master
and confirm the merge request status.
We should:
- Build some sort of notification in our tooling (short-term fix)
- Consider (and collaborate) how this notification can be built-in in our product (long-term fix)