Add linked_to_security_tracking_issue? (!2612) · Merge requests · GitLab.org / release-tools

What does this MR do and why?

This adds a method, #linked_to_security_tracking_issue?, to Security::ImplementationIssue so we can check if it is linked to the current security release tracking issue.

This will allow us to check if a given security implementation issue is ready to be linked or unlinked to a security release tracking issue by checking things like implementation_issue.ready_to_be_processed? && !implementation_issue.linked_to_security_tracking_issue?. See this Draft of how this might look: !2615 (diffs).

Testing

To test this, I checked two security implementation issue, one that was known to be unlinked (https://gitlab.com/gitlab-org/security/gitlab/-/issues/967) and one that was known to be linked.

Unlinked Issue

[2] pry(main)> crawler = ReleaseTools::Security::IssueCrawler.new
=> #<ReleaseTools::Security::IssueCrawler:0x000000010be43ca0>
[3] pry(main)> evaluable = crawler.security_issues_and_merge_requests_for(crawler.evaluable_security_issues)
2023-09-06 12:16:35.161624 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:35 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fcharts%2Fcomponents%2Fimages/issues" 2
2023-09-06 12:16:35.468202 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:35 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitaly/issues" 2
2023-09-06 12:16:35.855700 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:35 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab/issues" -
2023-09-06 12:16:41.217772 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:41 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fgitlab-pages/issues" 2
2023-09-06 12:16:41.542436 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:41 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fsecurity%2Fomnibus-gitlab/issues" 2
2023-09-06 12:16:42.285537 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:42 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
=> [#<ReleaseTools::Security::ImplementationIssue:0x000000010bc43040.......]
[4] pry(main)> evaluable.first.linked_to_security_tracking_issue?
2023-09-06 12:16:50.222292 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:50 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-09-06 12:16:50.742189 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:16:50 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues/423920/links" -
=> false

Linked issue

[14] pry(main)> related = crawler.security_issues_and_merge_requests_for(crawler.related_security_issues)
2023-09-06 12:17:27.824248 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:27 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues/423920/links" -
2023-09-06 12:17:28.252983 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.347068 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.379267 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.439225 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.530426 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.531269 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.568141 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:28.681919 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:28 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:29.186310 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:29 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
2023-09-06 12:17:29.598798 D ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:29 -0600] 200 "GET https://gitlab.com/api/v4/projects/XXX/issues/XXX/related_merge_requests" -
=> [#<ReleaseTools::Security::ImplementationIssue:0x000000010b767850......]
[15] pry(main)> related.first.linked_to_security_tracking_issue?
2023-09-06 12:17:35.755777 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:35 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues" -
2023-09-06 12:17:36.374764 D [dry-run] ReleaseTools::GitlabClient -- [HTTParty] [2023-09-06 12:17:36 -0600] 200 "GET https://gitlab.com/api/v4/projects/gitlab-org%2Fgitlab/issues/423920/links" -
=> true

Author Check-list

[-] Has documentation been updated?

Edited Sep 06, 2023 by Steve Abrams

Add linked_to_security_tracking_issue?

What does this MR do and why?

Testing

Author Check-list

Merge request reports