Add sync tag check to sec release pipeline
🔭 What does this MR do and why?
We are working to automate the Final Steps of the security release process.
This MR adds a job that checks if the tags have been synced back to canonical. When it fails, the job log contains a list of the tags that were not found and a link to check the tags manually.
Related to gitlab-com/gl-infra/delivery#19444 (closed)
🌃 Testing
To test, I pushed a modified branch to the ops instance that only ran the new job and posted all slack notifications to a test channel.
To test the failing scenario ("Unsuccessful job"), I removed .map(&:previous_patch) from the CheckCanonicalTagsSynced initializer. This caused the next set of versions to be checked, which does not yet exist.
| Description | Reference |
|---|---|
| Environment variables |  |
| Pipeline |  |
| Successful job | https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/10708061 |
| Successful slack output |  |
| Unsuccessful job | https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/10708065 |
| Failing slack output |  |
📝 Author Check-list
- [-] Has documentation been updated?
Edited by Steve Abrams