diff options
| author | Alessio Caiazza <acaiazza@gitlab.com> | 2023-01-19 15:51:04 +0300 |
|---|---|---|
| committer | Alessio Caiazza <acaiazza@gitlab.com> | 2023-01-24 18:24:53 +0300 |
| commit | be330016961020beb571dca08a918833c2ae4000 (patch) | |
| tree | a7526fb026d5d8924568664a65e96a17d37f6c3d | |
| parent | efa2bd147adeafd87d607edc5b00857168874119 (diff) | |
Identify when a security MR introduces unreleased changes
| -rw-r--r-- | Dangerfile | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -5,3 +5,19 @@ Gitlab::Dangerfiles.for_project(self) do |dangerfiles| # TODO: find a way to re-enalbe changelog https://gitlab.com/gitlab-org/gitlab-pages/-/issues/736 dangerfiles.import_dangerfiles(except: %w[changelog]) end + +# Identify undeployed commits only on the security mirror +SECURITY_MIRROR_PROJECT_ID = 15_685_887 +if gitlab.mr_json['target_project_id'] == SECURITY_MIRROR_PROJECT_ID && gitlab.mr_json['target_branch'] == ENV['CI_DEFAULT_BRANCH'] + auto_deploy_sha = gitlab.api.file_contents('gitlab-org/gitlab', 'GITLAB_PAGES_VERSION')&.rstrip + + message("Current auto_deploy candidate version: #{auto_deploy_sha}") + + if gitlab.base_commit != auto_deploy_sha + fail <<~MSG + Security merge requests for `#{gitlab.mr_json['target_branch']}` must have `gitlab-org/gitlab` `GITLAB_PAGES_VERSION` content as the merge request base commit. + Please rebase onto #{auto_deploy_sha} with `git rebase -i --onto #{auto_deploy_sha} #{gitlab.base_commit}` + See [our documentation](https://gitlab.com/gitlab-org/release/docs/-/tree/master/components/managed-versioning/security_release.md) for details. + MSG + end +end |