FE: Add Project Approval Settings to Security Policies
Why are we doing this work
This work can be done in parallel to work made in Allow users to define branch exceptions to enfo... (&9567 - closed), although the feature flag for it should not be enabled before releasing Allow users to define branch exceptions to enfo... (&9567 - closed) first.
In the scope of this issue, we would like to extend Scan Result Policies with a new section, Override project approval settings
added below Actions
with a single setting only Prevent branch protection modification
(disabled by default when scan_result_policy -> [] -> approval_settings -> block_protected_branch_modification
is missing in the Policy YAML, included and enabled for all new policies).
Design
Relevant links
Non-functional requirements
-
Documentation: changes should be documented in Protected Branches and Scan Result Policies sections of the documentation, -
Feature flag: this feature should be released behind feature flag -
Performance: -
Testing:
Implementation plan
-
frontend add new settings section -
frontend add header and first setting -
frontend add sub-header When settings are not enabled in a project, this policy will enable and override project settings for approval rules created by this policy
whereproject settings
navigates the user to/-/settings
Verification steps
- Create a new project
- Create a new Scan Result Policy for this project
- Select
Block users from unprotecting branches
and save the policy - Modify the policy to disable this setting
Edited by Alexander Turinske