Commit 870a18e8 authored by Robert Speicher's avatar Robert Speicher

Merge branch 'mj/security-release-process' into 'master'

Create security release MR template

Closes gitlab-org/release/framework#168, gitlab-org/release/framework#166, and gitlab-org/release/framework#167

See merge request gitlab-org/gitlab-ce!24725
parents b1336149 ef17cf49
......@@ -32,12 +32,12 @@ Set the title to: `Security Release: 11.4.X, 11.3.X, and 11.2.X`
- {https://dev.gitlab.org/gitlab/gitlabhq/issues link}
| Version | MR | Status|
|---------|----|-------|
| 11.4 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
| 11.3 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
| 11.2 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
| master | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} | |
| Version | MR |
|---------|----|
| 11.4 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| 11.3 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| 11.2 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| master | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
......@@ -46,12 +46,12 @@ Set the title to: `Security Release: 11.4.X, 11.3.X, and 11.2.X`
* {https://dev.gitlab.org/gitlab/gitlabhq/issues/ link}
| Version | MR | Status|
|---------|----|-------|
| 11.4| {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
| 11.3 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
| 11.2 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
| master | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} | |
| Version | MR |
|---------|----|
| 11.4| {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| 11.3 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| 11.2 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| master | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
## QA
......
......@@ -3,20 +3,17 @@
Create this issue under https://dev.gitlab.org/gitlab/gitlabhq
Set the title to: `[Security] Description of the original issue`
Set the title to: `Description of the original issue`
-->
### Prior to the security release
### Prior to starting the security release work
- [ ] Read the [security process for developers] if you are not familiar with it.
- [ ] Link to the original issue adding it to the [links section](#links)
- [ ] Run `scripts/security-harness` in the CE, EE, and/or Omnibus to prevent pushing to any remote besides `dev.gitlab.org`
- [ ] Create an MR targetting `org` `master`, prefixing your branch with `security-`
- [ ] Label your MR with the ~security label, prefix the title with `WIP: [master]`
- [ ] Add a link to the MR to the [links section](#links)
- [ ] Add a link to an EE MR if required
- [ ] Make sure the MR remains in-progress and gets approved after the review cycle, **but never merged**.
- [ ] Add a link to this issue on the original security issue.
- [ ] Create a new branch prefixing it with `security-`
- [ ] Create a MR targeting `dev.gitlab.org` `master`
- [ ] Add a link to this issue in the original security issue on `gitlab.com`.
#### Backports
......
<!--
# README first!
This MR should be created on `dev.gitlab.org`.
See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md).
-->
## Related issues
<!-- Mention the issue(s) this MR is related to -->
## Author's checklist
- [ ] Link to the developer security workflow issue on `dev.gitlab.org`
- [ ] MR targets `master` or `security-X-Y` for backports
- [ ] Milestone is set for the version this MR applies to
- [ ] Title of this MR is the same as for all backports
- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
- [ ] Add a link to this MR in the `links` section of related issue
- [ ] Add a link to an EE MR if required
- [ ] Assign to a reviewer
## Reviewers checklist
- [ ] Correct milestone is applied and the title is matching across all backports
- [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines
/label ~security ~"Merge into Security"
......@@ -57,8 +57,8 @@ module Secpick
merge_request: {
source_branch: source_branch,
target_branch: security_branch,
title: "WIP: [#{@options[:version].tr('-', '.')}] ",
description: '/label ~security'
title: "[#{@options[:version].tr('-', '.')}] ",
description: '/label ~security ~"Merge into Security"'
}
}
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment