Improvements for the security release Slack notification
When processing security merge requests through the /chatops run release merge --security command, a notification is sent to Slack informing what security issues are pending and which ones were processed:
Although informative, the command output is not super helpful:
- It's not accurate - The security issues reported -
20on the image above - don't match the ones listed onPendingandProcessedsections. - It implies additional work - Aside from triggering the command, the release manager needs to know which merge requests were already merged. Having this information handy helps release managers to continue with the next steps of the security release https://gitlab.com/gitlab-org/release/tasks/-/issues/3365#note_820165496
Proposal
Update the output of the /chatops run release merge --security to return a comment indicating the security issues' status. Example:
Processed
Security issues
| issue |
master merged? |
backports merged? | Notes |
|---|---|---|---|
| https://gitlab.com/gitlab-org/security/gitlab/-/issues/123 | |||
| https://gitlab.com/gitlab-org/security/gitlab/-/issues/345 | |||
| https://gitlab.com/gitlab-org/security/gitlab/-/issues/679 | Not ready |
Details
- The comment should be posted in the Security Release task issue (on
release/tasks) - First execution of the
release mergecommand will post a comment and build the table. - Upcoming executions will update the same comment.
- Same comment should be used for both version of the security command (with
--default-branchand without it)
Edited by Mayra Cabrera