summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarin Jankovski <maxlazio@gmail.com>2019-01-28 12:21:42 +0100
committerMarin Jankovski <maxlazio@gmail.com>2019-01-28 12:51:37 +0100
commite4db1a615b9f30574c063bda9f6183654f74586e (patch)
treefa720c79e5f429f7900461f9974a93b0d98bde29
parent436a43346729745b3aeba214b27de937c65f062e (diff)
downloadgitlab-ce-e4db1a615b9f30574c063bda9f6183654f74586e.tar.gz
Create security release MR template
Improve existing issue templates for security releases
-rw-r--r--.gitlab/issue_templates/Security Release.md24
-rw-r--r--.gitlab/issue_templates/Security developer workflow.md13
-rw-r--r--.gitlab/merge_request_templates/Security Release.md28
-rwxr-xr-xbin/secpick4
4 files changed, 47 insertions, 22 deletions
diff --git a/.gitlab/issue_templates/Security Release.md b/.gitlab/issue_templates/Security Release.md
index 1734e915ad2..ae469d3b125 100644
--- a/.gitlab/issue_templates/Security Release.md
+++ b/.gitlab/issue_templates/Security Release.md
@@ -32,12 +32,12 @@ Set the title to: `Security Release: 11.4.X, 11.3.X, and 11.2.X`
- {https://dev.gitlab.org/gitlab/gitlabhq/issues link}
-| Version | MR | Status|
-|---------|----|-------|
-| 11.4 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
-| 11.3 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
-| 11.2 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
-| master | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
+| Version | MR |
+|---------|----|
+| 11.4 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+| 11.3 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+| 11.2 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+| master | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
@@ -46,12 +46,12 @@ Set the title to: `Security Release: 11.4.X, 11.3.X, and 11.2.X`
* {https://dev.gitlab.org/gitlab/gitlabhq/issues/ link}
-| Version | MR | Status|
-|---------|----|-------|
-| 11.4| {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
-| 11.3 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
-| 11.2 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
-| master | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
+| Version | MR |
+|---------|----|
+| 11.4| {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+| 11.3 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+| 11.2 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+| master | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
## QA
diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md
index f9bf700f809..4bc4215d21b 100644
--- a/.gitlab/issue_templates/Security developer workflow.md
+++ b/.gitlab/issue_templates/Security developer workflow.md
@@ -3,20 +3,17 @@
Create this issue under https://dev.gitlab.org/gitlab/gitlabhq
-Set the title to: `[Security] Description of the original issue`
+Set the title to: `Description of the original issue`
-->
-### Prior to the security release
+### Prior to starting the security release work
- [ ] Read the [security process for developers] if you are not familiar with it.
- [ ] Link to the original issue adding it to the [links section](#links)
- [ ] Run `scripts/security-harness` in the CE, EE, and/or Omnibus to prevent pushing to any remote besides `dev.gitlab.org`
-- [ ] Create an MR targetting `org` `master`, prefixing your branch with `security-`
-- [ ] Label your MR with the ~security label, prefix the title with `WIP: [master]`
-- [ ] Add a link to the MR to the [links section](#links)
-- [ ] Add a link to an EE MR if required
-- [ ] Make sure the MR remains in-progress and gets approved after the review cycle, **but never merged**.
-- [ ] Add a link to this issue on the original security issue.
+- [ ] Create a new branch prefixing it with `security-`
+- [ ] Create a MR targeting `dev.gitlab.org` `master`
+- [ ] Add a link to this issue in the original security issue on `gitlab.com`.
#### Backports
diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md
new file mode 100644
index 00000000000..df760052ff4
--- /dev/null
+++ b/.gitlab/merge_request_templates/Security Release.md
@@ -0,0 +1,28 @@
+<!--
+# README first!
+This MR is being created on `dev.gitlab.org`.
+
+See the general developer security release guidelines https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md
+
+-->
+## Related issues
+
+<!-- Mention the issue(s) this MR is related to -->
+
+## Author's checklist
+
+- [ ] Link to the developer security workflow issue on `dev.gitlab.org`
+- [ ] MR targets `master` or `security-X-Y` for backports
+- [ ] Milestone is set for the version this MR applies to
+- [ ] Title of this MR is the same as for all backports
+- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
+- [ ] Add a link this MR in the `links` section of related issue
+- [ ] Add a link to an EE MR if required
+- [ ] Assign to a reviewer
+
+## Reviewers checklist
+
+- [ ] Correct milestone is applied and the title is matching across all backports
+- [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines
+
+/label ~security ~"Merge into Security"
diff --git a/bin/secpick b/bin/secpick
index 3d032f696a2..be120a304c9 100755
--- a/bin/secpick
+++ b/bin/secpick
@@ -57,8 +57,8 @@ module Secpick
merge_request: {
source_branch: source_branch,
target_branch: security_branch,
- title: "WIP: [#{@options[:version].tr('-', '.')}] ",
- description: '/label ~security'
+ title: "[#{@options[:version].tr('-', '.')}] ",
+ description: '/label ~security ~"Merge into Security"'
}
}
end