Add a security release pipeline job for generating a blog post
Proposal
Add a job to the security release pipeline that will run the rake:patch_blog_post
task. The job should be in a new stage. This could be security_release:generate_blog
, or since this job will likely eventually live in a merge_day
stage, we could just start by naming the stage that now.
It should include a start
job that is manually triggered by release managers and in the security_patch
template, we should remove:
- [ ] Post the following message to `#sec-appsec` in Slack: `<security-release-manager> We are starting the [security release](<link to this issue>), aiming for release tomorrow. Please create a blog post MR on gitlab-org/security/www-gitlab-com.`
- [ ] Once the blog post MR has been created by the security release manager, add a link to it here: `https://gitlab.com/gitlab-org/security/www-gitlab-com/-/merge_requests/`
- [ ] Fetch the list of non-security MRs that will be included in these releases:
\```sh
/chatops run release pending_backports
\```
- [ ] Crosslink the list to `#sec-appsec` letting the security release manager these should be included in the blog post.
from the One day before the due date
section and add:
- [ ] Start the `security_release_generate_blog:start` stage of the security release pipeline: <%= security_pipeline.web_url %> ``
To do
-
Implement the job on the security release pipeline gitlab-org/release-tools!2695 (merged) -
Test gitlab-org/release-tools!2695 (merged)
After testing
-
Unprotect the branch from ops -
Delete the branch from ops
Edited by Mayra Cabrera