Security preparation pipeline: mirror status should only post full output when something is broken
Proposal
The security_release_prepare:mirror_status
job posts the mirror output to slack by kicking off a chatops pipeline that posts the status. The problem is, it is not obvious that a release manager needs to be looking at this output.
The output for a release manager should be:
- On mirror success - they receive a slack notification if the job was successful without printing the entire mirror status.
- On mirror failures - they receive a slack notification that the job was not successful and the mirror status is either printed in slack or in the job log. Optimally only the failed mirror projects are printed so the release manager only sees the specific projects that require action. This comment gives a suggestion on how to accomplish this.
Additionally, the Update: it already does thissecurity_release_prepare:mirror_status
job should fail if there are any broken mirrors. Currently, both the job and the downstream chatops pipeline will succeed even if mirroring has failed because it has succeeded in fetching the status and posting the message.
Notes
- The mirror status command logic lives in chatops and should be relocated to release-tools. This is a good time to make that move in #19333 (closed)