Commit 24d730a0 authored by Marin Jankovski's avatar Marin Jankovski

Merge branch 'remove-security-branches' into 'master'

Remove requirement to target security branches

See merge request gitlab-org/gitlab-ce!24962
parents c5e88896 0d05c581
...@@ -20,10 +20,9 @@ Set the title to: `Description of the original issue` ...@@ -20,10 +20,9 @@ Set the title to: `Description of the original issue`
- [ ] Once the MR is ready to be merged, create MRs targetting the last 3 releases, plus the current RC if between the 7th and 22nd of the month. - [ ] Once the MR is ready to be merged, create MRs targetting the last 3 releases, plus the current RC if between the 7th and 22nd of the month.
- [ ] At this point, it might be easy to squash the commits from the MR into one - [ ] At this point, it might be easy to squash the commits from the MR into one
- You can use the script `bin/secpick` instead of the following steps, to help you cherry-picking. See the [secpick documentation] - You can use the script `bin/secpick` instead of the following steps, to help you cherry-picking. See the [secpick documentation]
- [ ] Create the branch `security-X-Y` from `X-Y-stable` if it doesn't exist (and make sure it's up to date with stable) - [ ] Create each MR targetting the stable branch `stable-X-Y`, using the "Security Release" merge request template.
- [ ] Create each MR targetting the security branch `security-X-Y` - Every merge request will have its own set of TODOs, so make sure to
- [ ] Add the ~security label and prefix with the version `WIP: [X.Y]` the title of the MR complete those.
- [ ] Add the ~"Merge into Security" label to all of the MRs.
- [ ] Make sure all MRs have a link in the [links section](#links) - [ ] Make sure all MRs have a link in the [links section](#links)
[secpick documentation]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#secpick-script [secpick documentation]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#secpick-script
......
...@@ -4,6 +4,9 @@ This MR should be created on `dev.gitlab.org`. ...@@ -4,6 +4,9 @@ This MR should be created on `dev.gitlab.org`.
See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md). See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md).
This merge request _must not_ close the corresponding security issue _unless_ it
targets master.
--> -->
## Related issues ## Related issues
...@@ -12,7 +15,7 @@ See [the general developer security release guidelines](https://gitlab.com/gitla ...@@ -12,7 +15,7 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
## Developer checklist ## Developer checklist
- [ ] Link to the developer security workflow issue on `dev.gitlab.org` - [ ] Link to the developer security workflow issue on `dev.gitlab.org`
- [ ] MR targets `master` or `security-X-Y` for backports - [ ] MR targets `master`, or `stable-X-Y` for backports
- [ ] Milestone is set for the version this MR applies to - [ ] Milestone is set for the version this MR applies to
- [ ] Title of this MR is the same as for all backports - [ ] Title of this MR is the same as for all backports
- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security` - [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
...@@ -25,4 +28,4 @@ See [the general developer security release guidelines](https://gitlab.com/gitla ...@@ -25,4 +28,4 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
- [ ] Correct milestone is applied and the title is matching across all backports - [ ] Correct milestone is applied and the title is matching across all backports
- [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines - [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines
/label ~security ~"Merge into Security" /label ~security
...@@ -10,6 +10,7 @@ using Rainbow ...@@ -10,6 +10,7 @@ using Rainbow
module Secpick module Secpick
BRANCH_PREFIX = 'security'.freeze BRANCH_PREFIX = 'security'.freeze
STABLE_PREFIX = 'stable'.freeze
DEFAULT_REMOTE = 'dev'.freeze DEFAULT_REMOTE = 'dev'.freeze
NEW_MR_URL = 'https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/new'.freeze NEW_MR_URL = 'https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/new'.freeze
...@@ -36,16 +37,16 @@ module Secpick ...@@ -36,16 +37,16 @@ module Secpick
branch.freeze branch.freeze
end end
def security_branch def stable_branch
"#{BRANCH_PREFIX}-#{@options[:version]}".tap do |name| "#{STABLE_PREFIX}-#{@options[:version]}".tap do |name|
name << "-ee" if ee? name << "-ee" if ee?
end.freeze end.freeze
end end
def git_commands def git_commands
["git fetch #{@options[:remote]} #{security_branch}", ["git fetch #{@options[:remote]} #{stable_branch}",
"git checkout #{security_branch}", "git checkout #{stable_branch}",
"git pull #{@options[:remote]} #{security_branch}", "git pull #{@options[:remote]} #{stable_branch}",
"git checkout -B #{source_branch}", "git checkout -B #{source_branch}",
"git cherry-pick #{@options[:sha]}", "git cherry-pick #{@options[:sha]}",
"git push #{@options[:remote]} #{source_branch}", "git push #{@options[:remote]} #{source_branch}",
...@@ -56,9 +57,8 @@ module Secpick ...@@ -56,9 +57,8 @@ module Secpick
{ {
merge_request: { merge_request: {
source_branch: source_branch, source_branch: source_branch,
target_branch: security_branch, target_branch: stable_branch,
title: "[#{@options[:version].tr('-', '.')}] ", description: '/label ~security'
description: '/label ~security ~"Merge into Security"'
} }
} }
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment