Don't rely on vulnerability_name in vulnerability SLO policy

Context

See the discussion that led to this MR.

What does this MR do and why?

The remind-vulnerability-slo has been failing for the last two days.

This MR changed the labels to select which resources we should comment on, but the comment itself still assumes that a vulnerability label is set, which is not the case anymore.

Expected impact & dry-runs

Will post a few comments related to bug::vulnerability issues, and should fix the future daily scheduled pipelines.

Test it locally

The script below should fail on master, but succeed when on this branch:

cd ~/src/triage-ops

export TRIAGE_POLICY_FILE=policies/groups/gitlab-org/hygiene/comment-vulnerability-issue-slo.yml
export GITLAB_COM_API_TOKEN="${GITLAB_API_PRIVATE_TOKEN}"
export TRIAGE_SOURCE_TYPE=projects
export TRIAGE_SOURCE_PATH=278964 # gitlab-org group
export EXTRA_FLAGS="--dry-run"

bundle exec gitlab-triage -r ./plugins/all --debug -f $TRIAGE_POLICY_FILE --token $GITLAB_COM_API_TOKEN --source $TRIAGE_SOURCE_TYPE --source-id $TRIAGE_SOURCE_PATH $EXTRA_FLAGS

Action items
