Automate backport merging steps for stable branches security MRs
What does this MR do and why?
Describe in detail what your merge request does and why.
Content
Automate backport merging steps for stable branches security MRs
- Add two new CI jobs and stages to the patch release pipeline to notify and perform backport merging.
- Add a corresponding Slack notification message.
- Add a corresponding rspec.
Ref: gitlab-com/gl-infra/delivery#20190 (closed)
Testing
Pipeline creation
This was tested in this repo (gitlab-org/release-tools
), just to see that the pipeline gets created as we expect it.
With |
With |
---|---|
(note that the |
|
Configuration testing
This was to test the configuration of the pipeline (the job order).
Step | Screenshot |
---|---|
Change notification channel for testing (Testing commit) | |
Initialized as manual pipeline (Pipeline) | |
After security_release:early_merge:start is manually triggered |
|
Slack notification (Link) | ![]() |
After security_release:early_merge:start is completed successfully, it starts security_release:early_merge stage |
![]() |
Execution testing
This was to actually test the execution of the job calling the bundle exec rake 'security:merge[:merge_default:'true']'
. I created a test issue to not actually merge the MRs associated with the actual security issue.
Step | Screenshot/link |
---|---|
Disabled |
|
Created an empty test patch release issue with upcoming security release |
|
Tested locally that |
|
Pipeline manually started |
https://ops.gitlab.net/gitlab-org/release/tools/-/pipelines/3384714 |
Slack notification (link) |
|
|
|
Pipeline successfully finished | |
Removed label and closed the issue, re-enabled the pipeline schedule |