Clarifies how to validate release QA

What does this MR do?

Clarifies how to validate release QA

On the monthly template, one of the final steps is to validate the package deployed to the release environment has passed automated QA, this commit clarifies how to make such validation.

Slack conversation - Internal only

Example (Click to expand)

Release 14.2

First steps

• Change #f_upcoming_release topic with /topic 14.2.0: <link_to_this_issue>
• Modify the dates below to accurately reflect the plan of action

Up until the 17th

• Ensure any deploys that do not make it to canary are investigated. Disable canary if necessary.
• Push any successful deploy to canary into production after some time has passed (preferably 1h).
• Should any deployment blockers prevent automatic promotions to production, this requires approval by the SRE On-Call.
  1. Ask for permission to promote the release in #production - provide the necessary context to the Engineer
  2. If permission is granted, utilize the following command to initiate an overridden promotion:

  /chatops run deploy <VERSION> --production --ignore-production-checks 'deployment approved by on call SRE'

  1. This will post a comment into this issue and begin the deployment
  2. Ask the SRE On-Call to respond to the comment with their approval for auditing purposes

17th

If this date is on a weekend, do this work on the next working day

• Find the latest sha that made it into production successfully: sha
• Notify Engineering Managers and developers that this is the sha that is guaranteed to be released on the 22nd:

  /chatops run notify ":mega: This is the most recent commit running on GitLab.com and this is guaranteed to be released on the 22nd.
  https://gitlab.com/gitlab-org/security/gitlab/commits/<SHA>
  Please see the following documentation on what this means:
    * `https://about.gitlab.com/handbook/engineering/releases/#how-can-i-determine-if-my-merge-request-will-make-it-into-the-monthly-release`
    * `https://about.gitlab.com/handbook/engineering/releases/#when-do-i-need-to-have-my-mr-merged-in-order-for-it-to-be-included-into-the-monthly-release`"

18th

If this date is on a weekend, do this work on the last Friday before the 18th.

• Log latest auto-deploy branch: BRANCH_NAME
• Ensure this build makes it through into production
• Grab the sha from this new auto-deploy branch and notify Engineering Managers and developers that this is the candidate sha for the release:

  /chatops run notify ":mega: This is the _candidate_ commit to be released on the 22nd.
  https://gitlab.com/gitlab-org/security/gitlab/commits/<SHA>
  Further deployments may result in the final commit being different from the candidate. Please see the following documentation on what this means:
    * `https://about.gitlab.com/handbook/engineering/releases/#how-can-i-determine-if-my-merge-request-will-make-it-into-the-monthly-release`
    * `https://about.gitlab.com/handbook/engineering/releases/#when-do-i-need-to-have-my-mr-merged-in-order-for-it-to-be-included-into-the-monthly-release`"

20th: two working days before the release

If this date is on the weekend, do this work on the last Friday before the 20th.

• Determine what the last green auto deploy branch is and add it here: BRANCH

• Create a RC version to ensure that the final version builds correctly

  # In Slack:
  /chatops run release tag 14.2.0-rc42

This will use the latest commit deployed to production for the various components that we release. If a different commit is necessary for a component, such as GitLab, you should run the following instead:

/chatops run release tag 14.2.0-rc42 --gitlab-sha=XXX

This will then use XXX as the SHA to create the GitLab stable branches.

NOTE: this SHA is only used if the stable branch has yet to be created. If it already exists, the branch is left as-is.

• Verify that the CE stable branch contains the right commits

  • There should be at least two commits: the last commit from the previous stable branch (usually a version update), and the sync commit created by the merge train.
  • The sync commit will have the message "Add latest changes from gitlab-org/gitlab@14-2-stable-ee"

• Notify Engineering Managers and developers that final candidate has been created:

  /chatops run notify ":mega: The stable branch has been created and the release candidate is tagged. Barring any show-stopping issues, this is the final commit to be released on the 22nd.
  https://gitlab.com/gitlab-org/security/gitlab/-/commits/14-2-stable-ee "

• Verify that the RC has been deployed to the pre environment

21st: one day before the release

• Confirm that final RC version has passed automated tests
  • Ensure tests are green on CE stable branch
  • Ensure tests are green on EE stable branch
  • Ensure tests are green on Omnibus
  • Ensure default and stable branches are synced: /chatops run mirror status
• Tag 14.2.0:

  # In Slack:
  /chatops run release tag 14.2.0

  • Check progress of EE packages build and CE packages build
• Validate 14.2.0 has been deployed to the release environment

Instructions for manual deploy

    ```sh
    # In Slack:
    /chatops run deploy 14.2.0-ee.0 --release
    ```

• Validate 14.2.0 has been passed automated QA by ensuring the release-gitlab-qa-smoke job from the release deploy pipeline is green.

Past this point, no new code can be added to the release that was not included in the final RC.

22nd: release day

Final release is tagged, so any changes will have to initiate a patch release.

• At 13:00 UTC, post an update about the package building status in #f_upcoming_release

  :mega: Packages for 14.2.0 are built and will be published at 13:30UTC

• At 13:30 UTC:
  • ⚠ Make sure that neither packages nor the blog post get published earlier than 13:30UTC without approval by the messaging lead of the release post. Mind that you don't need their approval if you're on time ⚠
  • Publish the packages via ChatOps:

    # In Slack:
    /chatops run publish 14.2.0

  • If anything goes wrong and the release is delayed, ping the release post manager on Slack to make them aware of the issue. Cross-post the slack message to the #marketing channel to notify them too
• At 14:10 UTC:
  • Verify that EE packages appear on packages.gitlab.com: EE (should contain 14 packages)
  • Verify that CE packages appear on packages.gitlab.com: CE (should contain 13 packages)
  • Verify that Docker images appear on hub.docker.com: EE / CE
  • Post an update about the status in #f_upcoming_release

  :mega: 14.2.0 is published and publicly available

  • Once all packages are available publicly and GitLab.com is up and running on the release version, ping the release post manager on Slack (#release-post channel) to give them a go to merge the release post at ~14:20 UTC, so that it will be live at 15:00 UTC
  • Create the 14.2.0 version on version.gitlab.com

Author Check-list

• Has documentation been updated?