Skip to content

Roll Out confidential_notes

What

Remove the :confidential_notes feature flag ...

Owners

  • Team: groupproduct planning
  • Most appropriate slack channel to reach out to: #g_product-planning
  • Best individual to reach out to: @felipe_artur, @jprovaznik, @egrieff

Beta groups/projects

If applicable, any groups/projects that are happy to have this feature turned on early. Some organizations may wish to test big changes they are interested in with a small subset of users ahead of time for example.

  • gitlab-org/gitlab project
  • gitlab-org/gitlab-com groups
  • ...

Verify confidentiality is respected

  • When viewing the issue, if i'm not a member of the project, I should not be able to see confidential comments.
  • When viewing the activity feed in a users profile, I should not see activity for confidential comments in projects where i am not a member.
  • When being removed from a project, I can no longer see confidential comments (maybe applicable to public projects only)
  • When my group/project share is removed, I can no longer see confidential comments.
  • When querying the notes for a project that I am not a member of, I should not see confidential comments.
  • RSS Feed (#326061 (closed))
  • User, project activity feeds (#326210 (closed))
  • New comment notifications from Service Desk #329366 (closed)

Issue for additional checks: https://gitlab.com/gitlab-org/gitlab/-/issues/351144+

Roll Out Steps

  • Enable on staging (/chatops run feature set confidential_notes true --staging)
  • Test on staging
  • Ensure that documentation has been updated
  • Enable on GitLab.com for individual groups/projects listed above and verify behaviour (/chatops run feature set --project=gitlab-org/gitlab confidential_notes true)
  • Coordinate a time to enable the flag with the SRE oncall and release managers
    • In #production mention @sre-oncall and @release-managers. Once an SRE on call and Release Manager on call confirm, you can proceed with the rollout
  • Announce on the issue an estimated time this will be enabled on GitLab.com
  • Enable on GitLab.com by running chatops command in #production (/chatops run feature set confidential_notes true)
  • Cross post chatops Slack command to #support_gitlab-com (more guidance when this is necessary in the dev docs) and in your team channel
  • Announce on the issue that the flag has been enabled
  • Remove feature flag and add changelog entry
  • After the flag removal is deployed, clean up the feature flag by running chatops command in #production channel

Rollback Steps

  • This feature can be disabled by running the following Chatops command:
/chatops run feature set --project=gitlab-org/gitlab confidential_notes false
Edited by Eugenia Grieff