Allow ability to enable scan execution policies for all agents in policy yaml file

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

Proposal

Currently there is no way to enable operational container scanning via scan execution policies for all agents without having to list each agent's name. This proposal is to add ability to imply multiple agents given in agent-name in the rule with type schedule.

An example can be:

name: Container scanning for my agent
description: ''
enabled: true
actions:
- scan: container_scanning
rules:
- type: schedule
  cadence: 27 20 * * *
  agents:
    dev-*:
      namespaces:
      - gitlab-nonprod
      - default
    prod-*:
      namespaces:
      - gitlab

Also perhaps a way to imply all agents:

name: Container scanning for my agent
description: ''
enabled: true
actions:
- scan: container_scanning
rules:
- type: schedule
  cadence: 27 20 * * *
  agents:
    all:
      namespaces:
      - gitlab-nonprod
      - default

Edited Aug 28, 2025 by 🤖 GitLab Bot 🤖