diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-20 15:26:25 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-20 15:26:25 +0300 |
| commit | a09983ae35713f5a2bbb100981116d31ce99826e (patch) | |
| tree | 2ee2af7bd104d57086db360a7e6d8c9d5d43667a /.gitlab/merge_request_templates | |
| parent | 18c5ab32b738c0b6ecb4d0df3994000482f34bd8 (diff) | |
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to '.gitlab/merge_request_templates')
| -rw-r--r-- | .gitlab/merge_request_templates/Documentation.md | 6 | ||||
| -rw-r--r-- | .gitlab/merge_request_templates/Security Release.md | 22 |
2 files changed, 19 insertions, 9 deletions
diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index 282e80d700a..fb828b995b1 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -45,9 +45,11 @@ All reviewers can help ensure accuracy, clarity, completeness, and adherence to **2. Technical Writer** -- [ ] Optional: Technical writer review. If not requested for this MR, must be scheduled post-merge. To request for this MR, assign the writer listed for the applicable [DevOps stage](https://about.gitlab.com/handbook/product/categories/#devops-stages). - - [ ] Add ~"Technical Writing" and `docs::` workflow label. +- [ ] Technical writer review. If not requested for this MR, must be scheduled post-merge. To request for this MR, assign the writer listed for the applicable [DevOps stage](https://about.gitlab.com/handbook/product/product-categories/#devops-stages). + - [ ] Ensure ~"Technical Writing", ~"documentation", and a `docs::` scoped label are added. - [ ] Add ~docs-only when the only files changed are under `doc/*`. + - [ ] Add ~"tw::doing" when starting work on the MR. + - [ ] Add ~"tw::finished" if Technical Writing team work on the MR is complete but it remains open. **3. Maintainer** diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md index f852bebae95..bdf26041e62 100644 --- a/.gitlab/merge_request_templates/Security Release.md +++ b/.gitlab/merge_request_templates/Security Release.md @@ -13,25 +13,33 @@ See [the general developer security release guidelines](https://gitlab.com/gitla ## Developer checklist - [ ] **On "Related issues" section, write down the [GitLab Security] issue it belongs to (i.e. `Related to <issue_id>`).** -- [ ] Merge request targets `master`, or `X-Y-stable` for backports. +- [ ] Merge request targets `master`, or a versioned stable branch (`X-Y-stable-ee`). - [ ] Milestone is set for the version this merge request applies to. A closed milestone can be assigned via [quick actions]. - [ ] Title of this merge request is the same as for all backports. -- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security` -- [ ] Assign to a reviewer and maintainer, per our [Code Review process]. +- [ ] A [CHANGELOG entry] is added without a `merge_request` value, with `type` set to `security` - [ ] For the MR targeting `master`: - - [ ] Ask for a non-blocking review from the AppSec team member associated to the issue in the [Canonical repository](https://gitlab.com/gitlab-org/gitlab). If you're unsure who to ping, ask on `#sec-appsec` Slack channel. + - [ ] Assign to a reviewer and maintainer, per our [Code Review process]. - [ ] Ensure it's approved according to our [Approval Guidelines]. -- [ ] Merge request _must not_ close the corresponding security issue, _unless_ it targets `master`. + - [ ] Ensure it's approved by an AppSec engineer. + - If you're unsure who should approve, find the AppSec engineer associated to the issue in the [Canonical repository], or ask #sec-appsec on Slack. + - Trigger the [`package-and-qa` build]. The docker image generated will be used by the AppSec engineer to validate the security vulnerability has been remediated. + - [ ] Merge request _must_ close the corresponding security issue. +- [ ] For a backport MR targeting a versioned stable branch (`X-Y-stable-ee`) + - [ ] Ensure it's approved by a maintainer. **Note:** Reviewer/maintainer should not be a Release Manager ## Maintainer checklist + - [ ] Correct milestone is applied and the title is matching across all backports - [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines and **when all backports including the MR targeting master are ready.** /label ~security [GitLab Security]: https://gitlab.com/gitlab-org/security/gitlab -[approval guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines -[Code Review process]: https://docs.gitlab.com/ee/development/code_review.html [quick actions]: https://docs.gitlab.com/ee/user/project/quick_actions.html#quick-actions-for-issues-merge-requests-and-epics +[CHANGELOG entry]: https://docs.gitlab.com/ee/development/changelog.html +[Code Review process]: https://docs.gitlab.com/ee/development/code_review.html +[Approval Guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines +[Canonical repository]: https://gitlab.com/gitlab-org/gitlab +[`package-and-qa` build]: https://docs.gitlab.com/ee/development/testing_guide/end_to_end/#using-the-package-and-qa-job |