Extend Actions in Scan Execution Policy to include Runner Tags

Why are we doing this work

With https://docs.gitlab.com/ee/ci/runners/configure_runners.html#use-tags-to-control-which-jobs-a-runner-can-run you can select tags for each job in your .gitlab-ci.yml file. These tags allow you to control which jobs a runner can run.

With this feature we want to add this functionality to GitLab and extend Scan Execution Policy with information about tags.

You can read more about this in Allow Users to Define Tags for Scan Execution P... (&9176 - closed).

Relevant links

Non-functional requirements

  • Documentation: Extend the documentation to include this field in the schema
  • [-] Feature flag: No need for feature flag in this case.
  • [-] Performance:
  • [-] Testing:

Implementation plan

  • backend: modify the ::Security::SecurityOrchestrationPolicies::CiConfigurationService#execute method to include information about tags if needed,
  • backend: modify the Security::SecurityOrchestrationPolicies::OnDemandScanPipelineConfigurationService#execute method to include information about tags if needed,
  • backend: extend ee/app/validators/json_schemas/security_orchestration_policy.json to include information about tags in the actions[] field.

Verification steps

Edited by Sashi Kumar Kumaresan
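
The behaviour the implementation plan above describes, as an added Ruby sketch that is not GitLab's code: an action's optional tags are validated and copied into the generated scan job. The helper names, the job naming, the placeholder job body and the exact tag constraints are assumptions, and the sample policy is constructed and abridged.

```ruby
require 'yaml'

# Constructed, abridged sample policy: the second action pins its scan job
# to runners carrying the "security-runner" tag.
SAMPLE_POLICY = YAML.safe_load(<<~POLICY)
  scan_execution_policy:
    - name: Enforce scans on dedicated runners
      enabled: true
      actions:
        - scan: secret_detection
        - scan: sast
          tags:
            - security-runner
POLICY

class InvalidAction < StandardError; end

# Assumed constraint (hypothetical, not taken from the real schema): when
# present, `tags` is a non-empty array of unique, non-blank strings.
def validate_tags!(action)
  return unless action.key?('tags')

  tags = action['tags']
  valid = tags.is_a?(Array) && !tags.empty? &&
          tags.all? { |t| t.is_a?(String) && !t.strip.empty? } &&
          tags.uniq.length == tags.length
  raise InvalidAction, "invalid tags for scan #{action['scan'].inspect}" unless valid
end

# Builds one CI job per action. `tags` is copied into the job only when the
# action defines it, so actions without tags still run on any available runner.
def ci_jobs_for(policy)
  policy.fetch('actions').each_with_index.map do |action, index|
    validate_tags!(action)
    # Placeholder job body; a real scan job comes from the scanner's template.
    job = { 'stage' => 'test', 'script' => ["echo run #{action['scan']}"] }
    job['tags'] = action['tags'].dup if action.key?('tags')
    ["#{action['scan']}-#{index}", job]
  end.to_h
end

if __FILE__ == $PROGRAM_NAME
  puts ci_jobs_for(SAMPLE_POLICY['scan_execution_policy'].first).to_yaml
end
```

Rejecting an empty or blank tag list at validation time matters here because a job with tags that match no runner stays pending, which would silently skip the enforced scan.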