Add a job preparing EVNs

Add a new GitLab CI job that automatically generates BIND 9 Early
Vulnerability Notifications based on the metadata for the current
release cycle.

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b52d5831a7448caedd755d97e5d4c122c9ad7dbc..e11c341a8709e3ca4d1564154c16eab14c71cf19 100644 (file)
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -309,6 +309,9 @@ stages:
 .rule_tag_open_source: &rule_tag_open_source
   - if: '$CI_PROJECT_NAMESPACE == "isc-private" && $CI_COMMIT_TAG != null && $CI_COMMIT_TAG !~ /-S/'
 
+.rule_tag_security: &rule_tag_security
+  - if: '$CI_PROJECT_NAMESPACE == "isc-private" && $CI_COMMIT_TAG != null && $RELEASE_TYPE == "security"'
+
 .rule_tag_security_or_subscription: &rule_tag_security_or_subscription
   - if: '$CI_PROJECT_NAMESPACE == "isc-private" && $CI_COMMIT_TAG != null && ($RELEASE_TYPE == "security" || $CI_COMMIT_TAG =~ /-S/)'
 
@@ -1795,6 +1798,15 @@ prepare-release-announcement:
   rules:
     - *rule_tag_open_source
 
+# Job preparing an EVN MR in Printing Press
+
+prepare-evn:
+  <<: *printing_press_job
+  variables:
+    DOCUMENT: evn
+  rules:
+    - *rule_tag_security
+
 # Job merging the tag back into its base branch
 
 merge-tag: