jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a61d254ff998e6243295bf5a413f75ab8e54c5d8
cve-dashboard/.kiro/steering/gitlab-workflow.md
Jordan Ramos a61d254ff9 Sync .kiro/ from master — v2.2.0 release batch 
New specs: archer-template-library, ccp-metrics-view-restructure,
compliance-list-stale-after-sidebar-edit, compliance-metric-estimated-resolution-date,
compliance-remediation-display-fix, flexible-jira-ticket-creation,
forecast-burndown-chart, granite-loader-export, ivanti-queue-clear-completed-fix,
multi-item-jira-ticket, queue-collapsible-sections, vendor-issue-type-dropdown

New steering: archer-template-gen.md

Updated: migration-registration-check hook, remediation-plan-history spec,
gitlab-workflow, tech, versioning steering files
2026-06-04 11:27:31 -06:00

49 lines
2.3 KiB
Markdown
Raw Blame History

# GitLab Issue Traceability
## Commit Messages
When a commit fixes or resolves a GitLab issue:
- Include `Closes #N` (or `Fixes #N`) on its own line at the end of the commit message body, where N is the GitLab issue number.
- If the fix addresses multiple issues, include one `Closes #N` per issue, each on its own line.
- The CI pipeline's `after_script` will auto-comment on the referenced issues with a link to the deploy pipeline.
Example:
```
Fix duplicate chart entries on compliance page
Aggregate /trends and /category-trend by report_date instead of per-upload row.
Closes #12
```
## Issue References in Code
When working from a GitLab issue, reference the issue number in:
- The commit message (required — `Closes #N`)
- The spec's `bugfix.md` introduction (for traceability from spec to issue)
- Test file header comments (optional — helps future developers find context)
## Closing Issues
- Prefer closing issues via commit message keywords (`Closes`, `Fixes`, `Resolves`) so GitLab auto-closes them when the pipeline succeeds on the default branch.
- If a commit was pushed without the keyword, close the issue via the API after confirming the deploy succeeded.
- **Always post a brief summary comment** on the issue when closing it. One or two sentences describing what was done is enough — the goal is that anyone reading the issue later understands the resolution without digging through commits. Post the comment via the GitLab API:
```bash
curl --silent --request POST \
--header "PRIVATE-TOKEN: $GITLAB_PAT" \
--header "Content-Type: application/json" \
--data '{"body": "Fixed in <commit>. <1-2 sentence summary of what changed>."}' \
"http://steam-gitlab.charterlab.com/api/v4/projects/13/issues/<N>/notes"
```
## Pipeline Notifications
The `deploy-staging` and `deploy-production` jobs in `.gitlab-ci.yml` have `after_script` blocks that parse `#N` references from the commit message and post a comment on each referenced issue with a link to the pipeline. This requires `GITLAB_PAT` to be set as a CI/CD variable in the project settings.
### Setup Required
1. Go to **Settings → CI/CD → Variables** in the GitLab project
2. Add variable: `GITLAB_PAT` = the project access token (already exists as `glpat-...` in `backend/.env`)
3. Mark it as **Protected** and **Masked**
Reference in New Issue View Git Blame Copy Permalink