Automatically cherry-pick any MRs in security projects

What does this MR do and why?

Describe in detail what your merge request does and why.

This merge request (MR) updates the AutoDeployService to automatically include security MRs that are labeled with ~Pick into auto deploy. This enhancement aims to replace the current manual process of cherry-picking security MRs, which is prone to errors. Manually picked commits can also easily be unintentionally rolled back during future deployments.

Related issue: gitlab-com/gl-infra/delivery#20810 (closed)

Testing

Code Change:

56,57c56
<                 # cherry_pick(merge_request)
<                 puts "cherry_pick(merge_request)"
---
>                 cherry_pick(merge_request)

TRIAL 1:

Result

[2] pry(main)> a=ReleaseTools::CherryPick::AutoDeployService.new(ReleaseTools::Project::GitlabEe, '17-9-auto-deploy-2025011701').execute
2025-01-17 14:12:42.732257 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:12:42 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/merge_requests" 2 
2025-01-17 14:12:47.372435 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:12:47 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/merge_requests" - 
2025-01-17 14:12:50.710419 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:12:50 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs" - 
2025-01-17 14:12:50.714307 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:12:54.144639 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:12:54 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=2&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:12:54.145023 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:12:57.675576 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:12:57 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=3&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:12:57.675673 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:13:02.091511 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:13:02 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=4&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:13:02.091843 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:13:06.591679 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:13:06 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=5&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:13:06.591788 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:13:10.258490 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:13:10 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=6&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:13:10.258929 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:14:18.415023 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:14:18 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=7&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:14:18.415336 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:14:22.050171 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:14:22 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=8&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:14:22.050283 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
2025-01-17 14:14:25.515228 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 14:14:25 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/repository/commits/e8ca13b9afe13c0479d81cd12a2a9113600456fa/refs?id=gitlab-org%2Fsecurity%2Fgitlab&page=9&per_page=20&sha=e8ca13b9afe13c0479d81cd12a2a9113600456fa&type=branch" - 
2025-01-17 14:14:25.515642 I ReleaseTools::CherryPick::AutoDeployService -- Searching for merge commit in auto deploy branch -- {project: "gitlab-org/security/gitlab", sha: "e8ca13b9afe13c0479d81cd12a2a9113600456fa", branch: "17-9-auto-deploy-2025011701", present_in_branch: nil}
--> Adding the following comment to 15642544!1542:
    The merge commit of this merge request has been included in [`17-9-auto-deploy-2025011701`](https://gitlab.com/gitlab-org/security/gitlab/-/commits/17-9-auto-deploy-2025011701). The
    ~"Pick into auto-deploy" label will now be removed.

    /unlabel ~"Pick into auto-deploy"

• It was able to find the MR: https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/1542
• During this initial testing, we discovered old security MRs with the Pick into auto-deploy label. To prevent them from being included in new auto-deploy branches after this change, we removed the label from those MRs.

TRIAL 2:

Result

[2] pry(main)> a=ReleaseTools::CherryPick::AutoDeployService.new(ReleaseTools::Project::GitlabEe, '17-9-auto-deploy-2025011701').execute
2025-01-17 17:50:57.820818 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 17:50:57 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/merge_requests" 2 
=> []
2025-01-17 17:50:58.881735 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-17 17:50:58 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/merge_requests" 2

• Since we removed the Pick into auto-deploy label from the old security MRs, at the time of this testing, there's no security MR to be cherry-picked
• At the time of this testing, there's no canonical and security MRs with the Pick into auto-deploy label so this returns an empty array.

TRIAL 3:

Result

[2] pry(main)> a=ReleaseTools::CherryPick::AutoDeployService.new(ReleaseTools::Project::GitlabEe, '17-9-auto-deploy-2025011701').execute
2025-01-20 20:06:08.974003 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-20 20:06:08 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/merge_requests" 2 
=> []
2025-01-20 20:06:09.614759 D ReleaseTools::GitlabClient -- [HTTParty] [2025-01-20 20:06:09 +0800] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/merge_requests" 2

Content

• Update AutoDeployService spec
• Update AutoDeployService to include security MRs

Author Check-list

• Has documentation been updated?