Autodeploy gitlab-shell
Per this epic: &99 satellite projects of gitlab
can be integrated into gitlab releases in a few different ways.
We have what I call "autodeploy", which is how gitaly gets deployed.
Workhorse is being merged into the gitlab repository, so the problem goes away: gitlab-org&4826 (closed)
GitLab Shell is still integrated by gitlab-shell maintainers cutting new tags, updating GITLAB_SHELL_VERSION
, and managing stable branches manually. For a security release, all this happens in gitlab-org/security/gitlab[-shell]
before the security release is completed, and the changes must be synced manually back to gitlab-org/gitlab-shell
after the release is completed - often with a noticeable delay.
The GitLab test suite doesn't make use of gitlab-shell, but the gitlab-qa test suite does. I think we should:
-
Add a smoke test to the gitlab suite so an invalid value in GITLAB_SHELL_VERSION
causes the pipeline to fail -
Migrate gitlab-shell to use autodeploy -
Update documentation https://gitlab.com/gitlab-org/gitlab-shell/#releasing-a-new-version
I think this is sufficient test coverage, and that adding more tests to the gitlab
repository wouldn't be suitable.
This will reduce toil for gitlab-shell maintainers and simplify security releases involving gitlab-shell for release managers.
GitLab Shell has recently migrated to main
as its default branch, so it's also a good test of the code being written to support that in delivery.
cc @nolith @sean_carroll @patrickbajao @ashmckenzie @mayra-cabrera @igor.drozdov