Skip to content
GitLab
Next
    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
    Projects Groups Topics Snippets
  • Register
  • Sign in
  • GitLab GitLab
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Issues 55.2k
    • Issues 55.2k
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1.6k
    • Merge requests 1.6k
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
    • Test cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Terraform modules
    • Model experiments
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.orgGitLab.org
  • GitLabGitLab
  • Issues
  • #207474
Closed
Open
Issue created Feb 21, 2020 by Jarka Košanová@jarka🔴Maintainer

Roll Out confidential_notes

What

Remove the :confidential_notes feature flag ...

Owners

  • Team: groupproduct planning
  • Most appropriate slack channel to reach out to: #g_product-planning
  • Best individual to reach out to: @felipe_artur, @jprovaznik, @egrieff

Beta groups/projects

If applicable, any groups/projects that are happy to have this feature turned on early. Some organizations may wish to test big changes they are interested in with a small subset of users ahead of time for example.

  • gitlab-org/gitlab project
  • gitlab-org/gitlab-com groups
  • ...

Verify confidentiality is respected

  • When viewing the issue, if i'm not a member of the project, I should not be able to see confidential comments.
  • When viewing the activity feed in a users profile, I should not see activity for confidential comments in projects where i am not a member.
  • When being removed from a project, I can no longer see confidential comments (maybe applicable to public projects only)
  • When my group/project share is removed, I can no longer see confidential comments.
  • When querying the notes for a project that I am not a member of, I should not see confidential comments.
  • RSS Feed (#326061 (closed))
  • User, project activity feeds (#326210 (closed))
  • New comment notifications from Service Desk #329366 (closed)

Issue for additional checks: https://gitlab.com/gitlab-org/gitlab/-/issues/351144+

Roll Out Steps

  • Enable on staging (/chatops run feature set confidential_notes true --staging)
  • Test on staging
  • Ensure that documentation has been updated
  • Enable on GitLab.com for individual groups/projects listed above and verify behaviour (/chatops run feature set --project=gitlab-org/gitlab confidential_notes true)
  • Coordinate a time to enable the flag with the SRE oncall and release managers
    • In #production mention @sre-oncall and @release-managers. Once an SRE on call and Release Manager on call confirm, you can proceed with the rollout
  • Announce on the issue an estimated time this will be enabled on GitLab.com
  • Enable on GitLab.com by running chatops command in #production (/chatops run feature set confidential_notes true)
  • Cross post chatops Slack command to #support_gitlab-com (more guidance when this is necessary in the dev docs) and in your team channel
  • Announce on the issue that the flag has been enabled
  • Remove feature flag and add changelog entry
  • After the flag removal is deployed, clean up the feature flag by running chatops command in #production channel

Rollback Steps

  • This feature can be disabled by running the following Chatops command:
/chatops run feature set --project=gitlab-org/gitlab confidential_notes false
Edited May 16, 2022 by Eugenia Grieff
Assignee
Assign to
Time tracking