Skip to content

Adds automation to create comms task issue

Mayra Cabrera requested to merge create-comms-issue into master

What does this MR do and why?

Introduces classes, CI, tasks and templates to automatically create the comms security task issue:

Related to https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/19983

Testing

Dry-run

15:38:06 ❯ TEST=true rake security:prepare:comms_issue
Click to expand

Patch release: 17.0.2, 16.11.4, 16.10.7

Patch Release Blog Email Alerts

This template is used to request and create email alerts to be sent to the ~"Security Alert" segment to announce a new Patch Release Blog. Email Alert will NOT be sent out until blog post is live and link is tested.

Marketo Link to clone from: YYYYMMMDD_SecurityReleaseTemplate

Email/Release Information

  • Release Number: 17.0.2, 16.11.4, 16.10.7
  • Is this a critical (CR), coordinated (CO) or normal release (NO)? CR/CO/NO
    • Note: If this is critical, you must note in subject line
  • Subject Line: <!-- Example: GitLab [insert Critical or Coordinated if necessary] Patch Release XXXXXX --->
  • Blog URL:
    • Note: In email token, leave off https://
    • URL follows naming convention of about.gitlab.com/releases/year/month/day/ then/critical-patch-release-gitlab-XX-XX-XX-released or /patch-release-gitlab-XX-XX-XX-released
      • Note: coordinated security releases are still mentioned with the same URL naming convention as regular ones.
  • Expected Blog Publication Date: 2024-06-12
  • Expected Blog Publication Time:
  • Are there any additional information marketing should know / include / exclude from the email:
  • Choose statement: (if the first, please note which versions need to be updated)
    • This version contains important security fixes, and we strongly recommend that GitLab installations running XXXX be upgraded immediately. GitLab.com is already running the patched version.
    • These versions contain important security fixes and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately

Email review checklist (MktgOps):

  • Marketo Campaign Link:
  • Update program tokens with the above information
  • Sent a sample to submittor for approval (can be completed prior to blog going live)
  • Confirmed correct version numbers in email header?
  • Confirmed correct version numbers in email body?
  • Confirmed correct statement in email body?
  • Reviewed test email, confirmed content, format and blog links?
    • Compared content against the blog post?

cc @lasayers @emccrann as legal stakeholders and @gitlab-com/marketing/corporate_marketing/security-communications for corporate communications

/assign @bweatherford

Test Issue

Note: The code was modified to prevent spamming.

Click to expand 
diff --git a/lib/release_tools/security/comms_task_issue.rb b/lib/release_tools/security/comms_task_issue.rb
index 39848eae..c29c81ac 100644
--- a/lib/release_tools/security/comms_task_issue.rb
+++ b/lib/release_tools/security/comms_task_issue.rb
@@ -7,7 +7,7 @@ module ReleaseTools
       include ReleaseTools::Security::IssueHelper

       def title
-        "Patch release: #{versions_title}"
+        "TEST - Patch release: #{versions_title}"
       end

       def confidential?
diff --git a/templates/patch_release/comms_task_issue.md.erb b/templates/patch_release/comms_task_issue.md.erb
index 8932f6bc..524c2440 100644
--- a/templates/patch_release/comms_task_issue.md.erb
+++ b/templates/patch_release/comms_task_issue.md.erb
@@ -32,6 +32,3 @@ Marketo Link to clone from: [YYYYMMMDD_SecurityReleaseTemplate](https://engage-a
 * [ ] Reviewed test email, confirmed content, format and blog links?
   + [ ] Compared content against the blog post?

-cc `@lasayers` `@emccrann` as legal stakeholders and `@gitlab-com/marketing/corporate_marketing/security-communications` for corporate communications
-
-/assign `@bweatherford`

Pipeline

https://gitlab.com/gitlab-org/release-tools/-/pipelines/1328312946

Author Check-list

  • [-] Has documentation been updated?
Edited by Mayra Cabrera

Merge request reports