Extend Actions in Scan Execution Policy to include Runner Tags
Why are we doing this work
With https://docs.gitlab.com/ee/ci/runners/configure_runners.html#use-tags-to-control-which-jobs-a-runner-can-run you can select tags for each job in your .gitlab-ci.yml
file. These tags allows to control which jobs a runner can run.
With this feature we want to add this functionality to GitLab and extend Scan Execution Policy with information about tags.
You can read more about this in Allow Users to Define Tags for Scan Execution P... (&9176 - closed).
Relevant links
Non-functional requirements
-
Documentation: Extend the documentation to include this field in the schema - [-] Feature flag: No need for feature flag in this case.
- [-] Performance:
- [-] Testing:
Implementation plan
-
backend modify ::Security::SecurityOrchestrationPolicies::CiConfigurationService#execute
method to include information about tags if needed, -
backend modify Security::SecurityOrchestrationPolicies::OnDemandScanPipelineConfigurationService#execute
method to include information about tags if needed, -
backend extend ee/app/validators/json_schemas/security_orchestration_policy.json
to include information about tags inactions[]
field,
Verification steps
Edited by Sashi Kumar Kumaresan