Merge branch 'docs-update-security-release-merge-request-template' into 'master'

Updates Security Release MR template See merge request gitlab-org/gitlab!21576

Merge branch 'docs-update-security-release-merge-request-template' into 'master'
Updates Security Release MR template See merge request gitlab-org/gitlab!21576
01010815 · Mayra Cabrera · fe85fc63 · 6792ff62 · 01010815
Commit 01010815 authored Dec 18, 2019 by Mayra Cabrera
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 15 deletions

.gitlab/merge_request_templates/Security Release.md .gitlab/merge_request_templates/Security Release.md +15 -15

No files found.
--- a/.gitlab/merge_request_templates/Security Release.md
+++ b/.gitlab/merge_request_templates/Security Release.md
 <!--
 # README first!
-This MR should be created on `dev.gitlab.org`.
+This MR should be created on `gitlab.com/gitlab-org/security/gitlab`.

 See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md).

-This merge request _must not_ close the corresponding security issue _unless_ it
-targets master.
-
-When submitting a merge request for CE, a corresponding EE merge request is
-always required. This makes it easier to merge security merge requests, as
-manually merging CE into EE is no longer required.
-
 -->
+
 ## Related issues

 <!-- Mention the issue(s) this MR is related to -->

 ## Developer checklist

- [ ] Link to the developer security workflow issue on `dev.gitlab.org`
- [ ] MR targets `master`, or `X-Y-stable` for backports
- [ ] Milestone is set for the version this MR applies to
- [ ] Title of this MR is the same as for all backports
+- [ ] Link this MR in the `links` section of the related issue on [GitLab Security].
+- [ ] Merge request targets `master`, or `X-Y-stable` for backports.
+- [ ] Milestone is set for the version this merge request applies to.
+- [ ] Title of this merge request is the same as for all backports.
 - [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
- [ ] Add a link to this MR in the `links` section of related issue
- [ ] Set up an EE MR (always required for CE merge requests): EE_MR_LINK_HERE
- [ ] Assign to a reviewer (that is not a release manager)
+- [ ] Assign to a reviewer and maintainer, per our [Code Review process].
+- [ ] If this merge request targets `master`, ensure it's approved according to our [Approval Guidelines].
+- [ ] Merge request _must not_ close the corresponding security issue, _unless_ it targets `master`.
+
+**Note:** Reviewer/maintainer should not be a Release Manager

 ## Reviewer checklist

@@ -33,3 +29,7 @@ manually merging CE into EE is no longer required.
 - [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines

 /label ~security
+
+[GitLab Security]: https://gitlab.com/gitlab-org/security/gitlab
+[approval guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines
+[Code Review process]: https://docs.gitlab.com/ee/development/code_review.html