Skip to content

Add verify blog post job in patch release pipeline

Jenny Kim requested to merge jennykim/validate-blog-merge into master

What does this MR do and why?

Addressing gitlab-com/gl-infra/delivery#20391 (closed), this MR adds a follow-up job to the security_release:publish stage to verify that the canonical blog post MR has been merged successfully after it's been set to MWPS by security_release_publish:deploy_blog_post job.

As described in that issue above, the deploy_blog_post job would run successfully, notify that it's run successfully, and the blog post MR's merge pipeline may fail, leaving the release managers unaware that the blog post hasn't actually been merged and deployed properly.

This job aims to address that gap by checking 30 minutes after the MR's been set to MWPS that it's actually been merged.

Testing

Creation

With SECURITY_RELEASE_PIPELINE=true With SECURITY_RELEASE_PIPELINE='publish'
Screenshot 2024-09-03 at 5.48.23 PM.png Screenshot 2024-09-03 at 5.49.34 PM.png
Pipeline Pipeline

Config and execution

Testing the execution order of the jobs. I removed the other jobs in the stage, juuust in case. I also reduced the delay duration to 2 minutes instead of 30 for testing. (commit)

Step Screenshot

Initialized as manual pipeline (Pipeline)

  • SLACK_TEST = true
  • TEST = true
  • SECURITY_RELEASE_PIPELINE = publish

The deploy_blog_post is just an echo job, to make sure that verify_blog_post job's delay and needs block works as intended.

Screenshot 2024-09-04 at 11.18.49 AM.png

After the deploy_blog_post job finishes, the job is delayed as expected

Screenshot 2024-09-04 at 12.46.58 PM.png
The job finishes, successfully as expected, since there are no open blog post MRs available right now.

Screenshot 2024-09-05 at 6.23.49 PM.png

Screenshot 2024-09-05 at 6.23.59 PM.png
Edited by Jenny Kim

Merge request reports