gitlab-org--gitlab-foss/.gitlab/merge_request_templates/Security Release.md

<!--
# README first!
This MR should be created on `dev.gitlab.org`.

See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md).

This merge request _must not_ close the corresponding security issue _unless_ it
targets master.

When submitting a merge request for CE, a corresponding EE merge request is
always required. This makes it easier to merge security merge requests, as
manually merging CE into EE is no longer required.

-->
## Related issues

<!-- Mention the issue(s) this MR is related to -->

## Developer checklist

- [ ] Link to the developer security workflow issue on `dev.gitlab.org`
- [ ] MR targets `master`, or `X-Y-stable` for backports
- [ ] Milestone is set for the version this MR applies to
- [ ] Title of this MR is the same as for all backports
- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
- [ ] Add a link to this MR in the `links` section of related issue
- [ ] Set up an EE MR (always required for CE merge requests): EE_MR_LINK_HERE
- [ ] Assign to a reviewer (that is not a release manager)

## Reviewer checklist

- [ ] Correct milestone is applied and the title is matching across all backports
- [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines

/label ~security
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00			`<!--`
			`# README first!`
Address docs review feedback 2019-01-29 05:57:21 -05:00			This MR should be created on `dev.gitlab.org`.
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00
Address docs review feedback 2019-01-29 05:57:21 -05:00			`See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md).`
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00
Remove requirement to target security branches This removes the requirement and any mention of targeting security branches when working on security releases. The release process documentation changes for these CE changes can be found in merge request https://gitlab.com/gitlab-org/release/docs/merge_requests/97. The proposal to remove security branches was approved in https://gitlab.com/gitlab-org/release/framework/issues/165#note_138139016. 2019-02-06 08:14:55 -05:00			`This merge request _must not_ close the corresponding security issue _unless_ it`
			`targets master.`

Update the MR template for security MRs This makes two changes to the template: 1. EE MRs are now always required (see https://gitlab.com/gitlab-org/release/framework/issues/256 for a backstory). 2. We clarify that a release manager is not a suitable reviewer for security merge requests. 2019-03-27 08:35:28 -04:00			`When submitting a merge request for CE, a corresponding EE merge request is`
			`always required. This makes it easier to merge security merge requests, as`
			`manually merging CE into EE is no longer required.`

Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00			`-->`
			`## Related issues`

			`<!-- Mention the issue(s) this MR is related to -->`

Author is Developer in sec. release MR template 2019-02-05 08:57:44 -05:00			`## Developer checklist`
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00
			- [ ] Link to the developer security workflow issue on `dev.gitlab.org`
Fix incorrect stable branch name for templates In https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24962 the stable branches were incorrectly changed to `stable-X-Y`. This commit fixes this so we correctly use `X-Y-stable`. 2019-02-06 10:05:26 -05:00			- [ ] MR targets `master`, or `X-Y-stable` for backports
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00			`- [ ] Milestone is set for the version this MR applies to`
			`- [ ] Title of this MR is the same as for all backports`
			- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
Address docs review feedback 2019-01-29 05:57:21 -05:00			- [ ] Add a link to this MR in the `links` section of related issue
Update the MR template for security MRs This makes two changes to the template: 1. EE MRs are now always required (see https://gitlab.com/gitlab-org/release/framework/issues/256 for a backstory). 2. We clarify that a release manager is not a suitable reviewer for security merge requests. 2019-03-27 08:35:28 -04:00			`- [ ] Set up an EE MR (always required for CE merge requests): EE_MR_LINK_HERE`
			`- [ ] Assign to a reviewer (that is not a release manager)`
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00
Author is Developer in sec. release MR template 2019-02-05 08:57:44 -05:00			`## Reviewer checklist`
Create security release MR template Improve existing issue templates for security releases 2019-01-28 06:21:42 -05:00
			`- [ ] Correct milestone is applied and the title is matching across all backports`
			- [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines

Remove requirement to target security branches This removes the requirement and any mention of targeting security branches when working on security releases. The release process documentation changes for these CE changes can be found in merge request https://gitlab.com/gitlab-org/release/docs/merge_requests/97. The proposal to remove security branches was approved in https://gitlab.com/gitlab-org/release/framework/issues/165#note_138139016. 2019-02-06 08:14:55 -05:00			`/label ~security`