Add button to process only security updates

Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>

.gitlab-ci.yml

@@ -35,6 +35,13 @@ variables:
       For instance use `*` to process all updates, `dash` to only process `pkg/dash`.
       Leave it empty to not trigger any update.
     value: ""
+  TRIGGER_SECURITY_UPDATES:
+    description: |
+      Set to `1` to pull only security updates from upstream.
+    value: ""
+    options:
+      - ""
+      - "1"
   TRIGGER_GITLAB_RULEZ:
     description: |
       Set to `apply` to run gitlab-rulez on GitLab repositories.
@@ -623,6 +630,7 @@ trigger-updates:
         --gitlab-server-url "${CI_SERVER_URL}"
         --projects packaging.json
         --filter "${TRIGGER_UPDATES}"
+        ${TRIGGER_SECURITY_UPDATES:+--only-security}
         ${DEBUG:+--debug}
         ${LOG_TO_FILE:+--log-to-file $LOG_TO_FILE}
   artifacts:

templates/index.html.jinja2

@@ -196,6 +196,12 @@
       &var[TRIGGER_FROM_JOB]={{- meta.current_job_url -}}
       {%- endif -%}
       ">Update all</a>
+    <a class="btn btn-danger {{'disabled' if not summary.update_errors_count }}"
+        href="{{- meta.new_pipeline_url -}}&amp;var[TRIGGER_UPDATES]=*&amp;var[TRIGGER_SECURITY_UPDATES]=1
+      {%- if meta.current_job_url -%}
+      &amp;var[TRIGGER_FROM_JOB]={{- meta.current_job_url -}}
+      {%- endif -%}
+      ">Update security</a>
     {%- endif %}
   </div>
 {% endblock %}