[Feature Flag] Remove security_orchestration_policies_configuration feature flag
What
Remove the :security_orchestration_policies_configuration
feature flag .
Owners
- Team: ~"group::container security"
- Most appropriate slack channel to reach out to:
#g_protect_container_security
- Best individual to reach out to: @mparuszewski, @aturinske
Expectations
What are we expecting to happen?
What might happen if this goes wrong?
What can we monitor to detect problems with this?
Beta groups/projects
If applicable, any groups/projects that are happy to have this feature turned on early. Some organizations may wish to test big changes they are interested in with a small subset of users ahead of time for example.
-
gitlab-org/threat-management/defend/demos
group
Roll Out Steps
-
Enable on staging ( /chatops run feature set security_orchestration_policies_configuration true --staging
) -
Test on staging -
Ensure that documentation has been updated -
Enable on GitLab.com for individual groups/projects listed above and verify behaviour ( /chatops run feature set --project=gitlab-org/gitlab security_orchestration_policies_configuration true
) -
Coordinate a time to enable the flag with the SRE oncall and release managers - In
#production
mention@sre-oncall
and@release-managers
. Once an SRE on call and Release Manager on call confirm, you can proceed with the rollout
- In
-
Announce on the issue an estimated time this will be enabled on GitLab.com -
Enable on GitLab.com by running chatops command in #production
(/chatops run feature set security_orchestration_policies_configuration true
) -
Cross post chatops Slack command to #support_gitlab-com
(more guidance when this is necessary in the dev docs) and in your team channel -
Announce on the issue that the flag has been enabled -
Remove feature flag and add changelog entry -
After the flag removal is deployed, clean up the feature flag by running chatops command in #production
channel
Rollback Steps
-
This feature can be disabled by running the following Chatops command:
/chatops run feature set --project=gitlab-org/gitlab security_orchestration_policies_configuration false
Code changes on removal
-
QA update e2e tests -
frontend remove any reference to securityOrchestrationPolliciesConfiguration
in policy_editor and it's test file -
backend remove any reference to :security_orchestration_policies_configuration
-
frontend Remove ee/app/assets/javascripts/threat_monitoring/components/policy_list.vue
as it was replaced withee/app/assets/javascripts/threat_monitoring/components/policies/policies_list.vue
(moved to issue #341064 (closed)) -
frontend /backend rename threat_monitoring_path
topolicies_path
(moved to issue #341073 (closed)) -
backend remove policies-specific actions in threat_monitoring_controller
(#edit
and#new
) and associated haml files (moved to issue #341066 (closed)) -
backend remove endpoint/redirect policies
endpoint in https://gitlab.com/gitlab-org/gitlab/blob/master/ee/config/routes/project.rb#L44 (moved to issue #341066 (closed)) -
backend Move theWe replicated the helpers so they do not need to be moved, simply removed, which has been moved to issue #341066 (closed))policy_details
anddetails
methods from https://gitlab.com/gitlab-org/gitlab/blob/master/ee/app/helpers/policy_helper.rb into https://gitlab.com/gitlab-org/gitlab/blob/master/ee/app/helpers/projects/security/policies_helper.rb because now the policies are handled by this new controller -
backend Cleanup policy helpers (moved to issue #337867 (closed)) -
backend move route for Security & Compliance => Policies
from/-/security/policy
to/-/security/policies
Edited by Alexander Turinske