Scan result/execution policy delete option is removing the wrong policy rule
Summary
When attempting to delete a rule/condition/action in a policy using the policy editor, the rule/condition/action below the one being deleted is removed instead.
| Scenario | Screenshot |
|---|---|
For scan result policies, this happens when there are two or more rules created of the same type (e.g. security scan, license scan, or merge request) next to each other |
 |
| For scan execution policies, this happens for actions |  |
Steps to reproduce
See Loom video.
Scan Result Policy
- Upload a GitLab Ultimate license
- Navigate to a project/group => Secure => Policies => New policy => Scan Result Policy
- Create multiple rules of the same type and change various other parameters to distinguish between them
- Remove the first rule
Scan Execution Policy
- Upload a GitLab Ultimate license
- Navigate to a project/group => Secure => Policies => New policy => Scan Execution Policy
- Create multiple actions change various other parameters to distinguish between them
- Remove the first action
Example Project
What is the current bug behavior?
Scan Result Policy
- when the first rule is removed in rule mode, the second rule is removed. The yaml updates correctly
Scan Execution Policy
- when the first action is removed in rule mode, the second action is removed. The yaml updates correctly
The wrong rule is deleted.
What is the expected correct behavior?
Scan Result Policy
- when the first rule is removed in rule mode, the first rule is removed. The yaml updates correctly
Scan Execution Policy
- when the first action is removed in rule mode, the first action is removed. The yaml updates correctly
The rule I select should be deleted.
Relevant logs and/or screenshots
See Loom video.
| Scenario | Video |
|---|---|
| Scan Result Policy | sep |
| Scan Execution Policy | srp |
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)(we will only investigate if the tests are passing)
Possible fixes
For both of these issues, the underlying problem is the same; the frontend uses the index of the action/rule for the key of the v-for loops, so when one action/rule is deleted, the index of the next one takes the places of the previous one, and Vue doesn't see a difference and doesn't update appropriately.
Scan Result Policy
-
do something similar to Draft: Fix bug where deletion of sep action was... (!122434 - closed) in https://gitlab.com/gitlab-org/gitlab/-/blob/232e6efa479fd32ec551a659a72df9dc156e4fba/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_result/editor_component.vue for both rules and actions
Scan Execution Policy
-
do something similar to Draft: Fix bug where deletion of sep action was... (!122434 - closed) in https://gitlab.com/gitlab-org/gitlab/-/blob/232e6efa479fd32ec551a659a72df9dc156e4fba/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_execution/editor_component.vue for both rules and actions