Allow for security commands to have their own namespace
Security commands are executed by appending --security
to the release
command, as a result security commands can get too verbose:
/chatops run release prepare --security
/chatops run release prepare --security --critical
/chatops run release merge --security
/chatops run release tag --security 12.7.6
/chatops run release sync_remotes --security
/chatops run release sync_remotes --dry-run --security
/chatops run release close_issues --security
Proposal
With Security Release being substantially different than a regular patch release, I believe it's time to create a security
namespace in ChatOps. I can see two advantages:
- Security commands will be succinct and easy to remember, we could use
/chatops run security prepare
rather than/chatops run release prepare --security
- We can do some cleaning on the
release
command; some of the subtasks are specific to the security process (sync_remotes
,close_issues
, and there's another one coming up #1144 (closed)). - With the introduction of
security_status
it might now make sense to introduce a dedicatedsecurity
command that has its own sub-commands such asmerge
andstatus
.
Implementation details
- Create a namespace on ChatOps that maps the
security
command to the security task on release-tools - Modify the release-tools task accordingly (this might not be necessary)
- Update the doc tasks https://gitlab.com/gitlab-org/release-tools/-/blob/master/doc/rake-tasks.md#security-tasks
- Update the security docs https://gitlab.com/gitlab-org/release/docs/-/blob/master/general/security/release-manager.md
- Update release-tools templates to use the new command.
Edited by Robert Speicher