Summary of learnings in work with release supervisors/contractors

We have now been working with contractors in the deliveryrelease-supervisors role for 1 month. This issue is meant to discuss some of the areas we have learnings and struggles related to getting them into release management workflows.

Cumbersome slack workflow

Contractors do not have open access to slack. A slack workspace admin needs to add them to slack channels, we cannot invite by mention in say an incident channel and we cannot make a custom slack group @release-supervisors for them. We are investigating if we can leverage chatops to add them to channels, but the incident workflow may just always rely on grouprelease-and-deploy @release-managers to be involved.

Triggering pipelines

deliveryrelease-supervisors generally have developer roles in projects. In some cases, like pipeline retries for QA failures and auto-deploy promotion, these are on protected branches, which require more than developer role permissions.

1. We have developed an auto deploy promote chatops command
2. We are developing a generic retry job chatops command
3. We have added to a feature request for custom roles to include more permissions on retrying jobs.

Existing access requests tracking projects additions:

• https://gitlab.com/gitlab-com/temporary-service-providers/lifecycle/-/issues/2685
• https://gitlab.com/gitlab-com/temporary-service-providers/lifecycle/-/issues/2700
• example (1 of 5) initial onboarding/access issue