Add flowchart for deciding how to deploy MR that fixes incident (!475) · Merge requests · GitLab.org / release / GitLab Release Docs

Reuben Pereira requested to merge rp/guide-to-deploy-mr-to-fix-incident into master Jun 29, 2022

graph TB;
   id1{Is the MR for an S1 incident?}

   id2(The EOC can choose to perform a hot-patch <br/>if we need to deploy it extremely fast, in less than 8 hours)
   id1-- Yes -->id2

   id3(Note that a deployment will remove the hot patch,<br/> so we cannot deploy after the hot patch until the MR has been merged)
   id2-->id3

   id3_2{Is the MR associated with a security issue?}
   id3-->id3_2

   id3_3{Does AppSec want a critical security release?}
   id3_2-- Yes -->id3_3

   id3_4(Coordinate with AppSec to <br/>start a critical security release)
   id3_3-- Yes -->id3_4

   id4{Is the MR associated with a security issue?}
   id1-- No -->id4

   id5{Does it need a speedy deployment?}
   id4-- No -->id5

   id6(Follow the docs to speed up the auto-deploy process)
   id5-- Yes -->id6
   id3_2-- No -->id6

   id7(The MR will be automatically included <br/>in the next auto-deploy package once it is merged)
   id5-- No -->id7

   id10(Ask the MR author to follow the <br/>security developer workflow to include the MR in the next security release)
   id4-- Yes -->id10
   id3_3-- No -->id10

The chart as it will appear in the docs: https://gitlab.com/gitlab-org/release/docs/-/blob/73c1395c495e9614e3d50703bf3cbe33d9880eb9/release_manager/release-manager-incident-guide.md

https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/2419

Edited Jul 08, 2022 by Reuben Pereira

Add flowchart for deciding how to deploy MR that fixes incident

Merge request reports