Skip to content
GitLab
Next
    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
    Projects Groups Topics Snippets
  • Register
  • Sign in
  • GitLab GitLab
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Issues 55.2k
    • Issues 55.2k
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1.6k
    • Merge requests 1.6k
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
    • Test cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Terraform modules
    • Model experiments
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.orgGitLab.org
  • GitLabGitLab
  • Issues
  • #273418
Closed
Open
Issue created Oct 28, 2020 by Mark Florian@markrian🔴Maintainer

[Feature flag] Enable `core_security_mr_widget_downloads` by default

What

This tracks the enablement of the :core_security_mr_widget_downloads feature flag, added in #249544 (closed).

Owners

  • Team: groupstatic analysis (frontend)
  • Most appropriate slack channel to reach out to: #s_secure-frontend
  • Best individual to reach out to: @markrian

Expectations

What are we expecting to happen?

A dropdown should appear on the security MR widget (see &4394), allowing users to download security report artifacts. Applies to non-Ultimate projects only.

What might happen if this goes wrong?

  • Users might see a Failed to get security report information, similar to #272983 (closed).

Beta groups/projects

If applicable, any groups/projects that are happy to have this feature turned on early. Some organizations may wish to test big changes they are interested in with a small subset of users ahead of time for example.

  • markrian-test/secrets-detection-test project

Roll Out Steps

  • Confirm that QA tests pass with the feature flag enabled (if you're unsure how, contact the relevant stable counterpart in the Quality department)
  • Enable on staging (/chatops run feature set core_security_mr_widget_downloads true --staging)
  • Test on staging
  • Ensure that documentation has been updated
  • Enable on GitLab.com for individual groups/projects listed above and verify behaviour (/chatops run feature set --project=markrian-test/secrets-detection-test core_security_mr_widget_downloads true)
  • Coordinate a time to enable the flag with the SRE oncall and release managers
    • In #production mention @sre-oncall and @release-managers. Once an SRE on call and Release Manager on call confirm, you can proceed with the rollout
  • Announce on the issue an estimated time this will be enabled on GitLab.com
  • Enable on GitLab.com by running chatops command in #production (/chatops run feature set core_security_mr_widget_downloads true)
  • [-] Cross post chatops Slack command to #support_gitlab-com (more guidance when this is necessary in the dev docs) and in your team channel - not doing this, since this should be low-impact
  • Announce on the issue that the flag has been enabled

Rollback Steps

  • This feature can be disabled by running the following Chatops command:
/chatops run feature set core_security_mr_widget_downloads false
Edited Dec 10, 2020 by Mark Florian
Assignee
Assign to
Time tracking