Update issue table when linking/unlinking
🎼 What does this MR do and why?
When the TargetIssuesProcessor
links or unlinks issues to the security release tracking issue, the security issue table in the security release tracking issue is updated.
When a project that has manual releases (GitLab-Pages, Gitaly, CNG) has an issue that is linked, a note is added to the table that it is a managed versioning issue and may require manual merging.
Related to gitlab-com/gl-infra/delivery#19696 (closed)
🎹 Testing
To test:
- I used some test issues:
- Tracking issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424529
- Implementation issue 1: https://gitlab.com/gitlab-org/security/gitlab/-/issues/969
- Implementation issue 2: https://gitlab.com/gitlab-org/security/gitlab/-/issues/967
- I applied the following local changes to force the processor to use my test issues and guarantee they would be linked. I also updated the
PROJECTS_NEEDING_MANUAL_RELEASES
list to includeGitlabEe
so the managed versioning note would be included without having to open a test issue on a manually released project (i.e. Gitaly/GitLab-Pages):
git diff
diff --git a/lib/release_tools/gitlab_client.rb b/lib/release_tools/gitlab_client.rb
index 4d6a8d5e..e7c04c2e 100644
--- a/lib/release_tools/gitlab_client.rb
+++ b/lib/release_tools/gitlab_client.rb
@@ -633,7 +633,7 @@ module ReleaseTools
# project.path is required because the security tracking issue only exists on canonical
client
- .issues(project.path, labels: label, state: 'opened')
+ .issues(project.path, labels: ['security-target', 'test'], state: 'opened')
.first
end
diff --git a/lib/release_tools/managed_versioning.rb b/lib/release_tools/managed_versioning.rb
index 3f24e98d..c0af92de 100644
--- a/lib/release_tools/managed_versioning.rb
+++ b/lib/release_tools/managed_versioning.rb
@@ -13,6 +13,6 @@ module ReleaseTools
ReleaseTools::Project::OmnibusGitlab
].freeze
- PROJECTS_NEEDING_MANUAL_RELEASES = (PROJECTS - [ReleaseTools::Project::GitlabEe, ReleaseTools::Project::OmnibusGitlab]).freeze
+ PROJECTS_NEEDING_MANUAL_RELEASES = (PROJECTS - [ReleaseTools::Project::OmnibusGitlab]).freeze
end
end
diff --git a/lib/release_tools/security/implementation_issue.rb b/lib/release_tools/security/implementation_issue.rb
index df93a3bb..bdd6fea8 100644
--- a/lib/release_tools/security/implementation_issue.rb
+++ b/lib/release_tools/security/implementation_issue.rb
@@ -137,6 +137,7 @@ module ReleaseTools
private
def validate
+ return true
return if defined?(@reasons)
@reasons = []
diff --git a/lib/release_tools/security/issue_crawler.rb b/lib/release_tools/security/issue_crawler.rb
index 6c189910..b8f43a22 100644
--- a/lib/release_tools/security/issue_crawler.rb
+++ b/lib/release_tools/security/issue_crawler.rb
@@ -39,7 +39,7 @@ module ReleaseTools
return @security_release_issues if @security_release_issues
issues = GitlabClient
- .issues(PUBLIC_PROJECT, labels: ROOT_ISSUE_LABEL, state: OPENED)
+ .issues(PUBLIC_PROJECT, labels: ['security-target', 'test'], state: OPENED)
.auto_paginate
# Ignoring issues without a due date could lead to security releases
@@ -98,7 +98,7 @@ module ReleaseTools
# Returns issues that are related to the security release tracking issue.
def related_security_issues
security_issues_and_merge_requests_for(
- security_issues_for(release_issue.iid)
+ security_issues_for(424529)
)
end
diff --git a/lib/release_tools/security/issue_table/service.rb b/lib/release_tools/security/issue_table/service.rb
index 20a0bf2a..af05a818 100644
--- a/lib/release_tools/security/issue_table/service.rb
+++ b/lib/release_tools/security/issue_table/service.rb
@@ -100,7 +100,7 @@ module ReleaseTools
Retriable.with_context(:api) do
GitlabClient.issue_notes(release_issue.project_id, issue_iid: release_issue.iid).auto_paginate.detect do |note|
note.body.include?(NOTE_HEADER) &&
- note.author.username == Security::Client::RELEASE_TOOLS_BOT_USERNAME
+ note.author.username == 'sabrams'
end
end
end
diff --git a/lib/release_tools/security/security_release_tracking_issue_notifier.rb b/lib/release_tools/security/security_release_tracking_issue_notifier.rb
index 4417d9d9..77c2b5de 100644
--- a/lib/release_tools/security/security_release_tracking_issue_notifier.rb
+++ b/lib/release_tools/security/security_release_tracking_issue_notifier.rb
@@ -42,7 +42,7 @@ module ReleaseTools
<<~MSG
#{assignees_string}, a managed versioning project issue, #{issue.web_url}, has been linked to this security release. Please
[follow the release manager instructions](https://gitlab.com/gitlab-org/release/docs/-/blob/master/components/managed-versioning/security_release.md#release-manager-process)
- and adjust the [security release task issue](#{security_task_issue.web_url}) to include any additional steps needed.
+ and adjust the [security release task issue](foo.com) to include any additional steps needed.
MSG
end
diff --git a/lib/release_tools/security/target_issues_processor.rb b/lib/release_tools/security/target_issues_processor.rb
index d207b02a..1a8361c7 100644
--- a/lib/release_tools/security/target_issues_processor.rb
+++ b/lib/release_tools/security/target_issues_processor.rb
@@ -16,6 +16,8 @@ module ReleaseTools
logger.info("#{security_target_issues.count} target issues found. They will be evaluated and considered for linking to the security release tracking issue: #{security_release_tracking_issue.web_url}.")
security_target_issues.each do |target_issue|
+ next unless [967, 969].include?(target_issue.iid)
+
case [target_issue.ready_to_be_processed?, linked_to_security_tracking_issue?(target_issue)]
when [true, true]
logger.info("#{target_issue.web_url} is already linked to the security release tracking issue and still ready to be processed.")
I then ran the processor from the pry console:
~/workspace/gitlab-org/release-tools (delivery19696-update-table-on-linking ✗) RELEASE_BOT_VERSION_TOKEN=REDACTED RELEASE_BOT_PRODUCTION_TOKEN=REDACTED be pry --gem
[2] pry(main)> ReleaseTools::Security::TargetIssuesProcessor.new.execute
2023-10-06 09:36:32.150718 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:32 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fcharts%2Fcomponents%2Fimages/issues" 2
2023-10-06 09:36:32.415784 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:32 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitaly/issues" 2
2023-10-06 09:36:32.769241 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:32 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/issues" -
2023-10-06 09:36:33.195244 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:33 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab-pages/issues" 2
2023-10-06 09:36:33.467272 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:33 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fomnibus-gitlab/issues" 2
2023-10-06 09:36:34.156301 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:34 -0600] 200 "GET https://gitlab.com/api/v4/projects/15642544/issues/967/related_merge_requests" -
2023-10-06 09:36:34.245878 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:34 -0600] 200 "GET https://gitlab.com/api/v4/projects/15642544/issues/969/related_merge_requests" -
2023-10-06 09:36:34.694797 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:34 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-10-06 09:36:34.695598 W Ruby -- WARNING: Please convert ObjectifiedHash object to hash before calling Hash methods on it.
-- {:source=>"ruby_warnings", :stacktrace=>"/Users/steveabrams/workspace/gitlab-org/release-tools/lib/release_tools/issuable.rb:6:in `initialize'"}
2023-10-06 09:36:34.696744 I ReleaseTools::Security::TargetIssuesProcessor -- 2 target issues found. They will be evaluated and considered for linking to the security release tracking issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424529.
2023-10-06 09:36:35.060474 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:35 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues/424529/links" -
2023-10-06 09:36:35.654483 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:35 -0600] 200 "GET https://gitlab.com/api/v4/projects/15642544/issues/969/related_merge_requests" -
2023-10-06 09:36:35.654986 I ReleaseTools::Security::TargetIssuesProcessor -- https://gitlab.com/gitlab-org/security/gitlab/-/issues/969 is already linked to the security release tracking issue and still ready to be processed.
2023-10-06 09:36:35.654998 I ReleaseTools::Security::TargetIssuesProcessor -- https://gitlab.com/gitlab-org/security/gitlab/-/issues/967 is ready to be processed and will be linked to the security release tracking issue.
2023-10-06 09:36:36.431753 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:36 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-10-06 09:36:37.524791 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:37 -0600] 201 "POST https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues/424529/links" 3126
2023-10-06 09:36:37.928544 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:37 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-10-06 09:36:38.532133 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:38 -0600] 201 "POST https://gitlab.com/api/v4/projects/15642544/issues/967/notes" 804
2023-10-06 09:36:39.275740 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:39 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-10-06 09:36:39.277364 I ReleaseTools::Security::SecurityReleaseTrackingIssueNotifier -- Notifying RMs that issue was linked to security release tracking issue -- {:linked_issue=>"https://gitlab.com/gitlab-org/security/gitlab/-/issues/967", :security_tracking_issue=>"https://gitlab.com/gitlab-org/gitlab/-/issues/424529"}
2023-10-06 09:36:40.105905 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:40 -0600] 201 "POST https://gitlab.com/api/v4/projects/278964/issues/424529/notes" 973
2023-10-06 09:36:40.875877 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:40 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-10-06 09:36:41.541745 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:41 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes" -
2023-10-06 09:36:42.396247 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:42 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes?activity_filter=all_notes&id=278964¬eable_id=424529&order_by=created_at&page=2&per_page=20&sort=desc" -
2023-10-06 09:36:42.916421 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:42 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes?activity_filter=all_notes&id=278964¬eable_id=424529&order_by=created_at&page=3&per_page=20&sort=desc" -
2023-10-06 09:36:43.433339 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:43 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues/424529/links" -
2023-10-06 09:36:44.048908 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:44 -0600] 200 "GET https://gitlab.com/api/v4/projects/15642544/issues/969/related_merge_requests" -
2023-10-06 09:36:44.390523 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:44 -0600] 200 "GET https://gitlab.com/api/v4/projects/15642544/issues/967/related_merge_requests" -
## Security issues
| Issue | Master merged? | Deployed? | Backports merged? | Bot Comments | Release manager comments |
|-------|----------------|-----------|-------------------|--------------|--------------------------|
| https://gitlab.com/gitlab-org/security/gitlab/-/issues/967 | | | | <br/>Managed versioning. May require manual merging. | |
| https://gitlab.com/gitlab-org/security/gitlab/-/issues/969 | | | | <br/>Managed versioning. May require manual merging. | |
---
:robot: <sub>This table was generated by [release-tools](https://gitlab.com/gitlab-org/release-tools/).
Please open an issue in the [Delivery team issue tracker](https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues)
if you have any suggestions or bug reports.</sub>
2023-10-06 09:36:44.392612 I ReleaseTools::Security::IssueTable::Service -- Table of security issues -- {:comment_string=>"## Security issues\n\n| Issue | Master merged? | Deployed? | Backports merged? | Bot Comments | Release manager comments |\n|-------|----------------|-----------|-------------------|--------------|--------------------------|\n| https://gitlab.com/gitlab-org/security/gitlab/-/issues/967 | | | | <br/>Managed versioning. May require manual merging. | |\n| https://gitlab.com/gitlab-org/security/gitlab/-/issues/969 | | | | <br/>Managed versioning. May require manual merging. | |\n\n---\n\n:robot: <sub>This table was generated by [release-tools](https://gitlab.com/gitlab-org/release-tools/).\nPlease open an issue in the [Delivery team issue tracker](https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues)\nif you have any suggestions or bug reports.</sub>\n"}
2023-10-06 09:36:45.023056 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:45 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes" -
2023-10-06 09:36:45.689226 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:45 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes?activity_filter=all_notes&id=278964¬eable_id=424529&order_by=created_at&page=2&per_page=20&sort=desc" -
2023-10-06 09:36:46.761609 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:46 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes?activity_filter=all_notes&id=278964¬eable_id=424529&order_by=created_at&page=3&per_page=20&sort=desc" -
2023-10-06 09:36:46.764438 I ReleaseTools::Security::IssueTable::Service -- Creating security release table issue comment -- {:issue=>"https://gitlab.com/gitlab-org/gitlab/-/issues/424529"}
2023-10-06 09:36:47.739937 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:47 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes" -
2023-10-06 09:36:48.872607 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:48 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes?activity_filter=all_notes&id=278964¬eable_id=424529&order_by=created_at&page=2&per_page=20&sort=desc" -
2023-10-06 09:36:49.373089 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:49 -0600] 200 "GET https://gitlab.com/api/v4/projects/278964/issues/424529/notes?activity_filter=all_notes&id=278964¬eable_id=424529&order_by=created_at&page=3&per_page=20&sort=desc" -
2023-10-06 09:36:50.258753 D ReleaseTools::GitlabClient -- [HTTParty] [2023-10-06 09:36:50 -0600] 201 "POST https://gitlab.com/api/v4/projects/278964/issues/424529/notes" 1357
=> [#<ReleaseTools::Security::ImplementationIss....]
This comment was generated and includes the managed versioning note: https://gitlab.com/gitlab-org/gitlab/-/issues/424529#note_1593354270
I then:
- Unlinked one of the issues so that it would relink
- Manually deleted one line in the table so it is more obvious that it is updated
- Added a release manager note to the remaining line to ensure it is preserved on the update.
- Ran the processor again
The comment was edited as expected:
Author Check-list
- [-] Has documentation been updated?
Edited by Steve Abrams