License approval policy should require approval for pre-existing licenses when no pipeline runs
The following discussion from !141095 (merged) should be addressed:
@mcavoj started a discussion: (+1 comment)

> @sashi_kumar I had a brief look at this MR while reviewing !141052 (merged) and had a quick thought: I see that this change is related to `scan_finding` rules. Do we potentially have the same issue for `license_scanning` too?
Verification Steps
- Create a project
- Add dependency scanning to `.gitlab-ci.yml`:

  ```yaml
  include:
    - template: Jobs/Dependency-Scanning.gitlab-ci.yml

  build-job:
    script:
      - echo "Building"
  ```
- Add a `Gemfile.lock` with some dependencies (MIT license):

  ```
  GEM
    remote: https://rubygems.org/
    specs:
      diff-lcs (1.5.1)
      rspec (3.13.0)
        rspec-core (~> 3.13.0)
        rspec-expectations (~> 3.13.0)
        rspec-mocks (~> 3.13.0)
      rspec-core (3.13.0)
        rspec-support (~> 3.13.0)
      rspec-expectations (3.13.0)
        diff-lcs (>= 1.2.0, < 2.0)
        rspec-support (~> 3.13.0)
      rspec-mocks (3.13.0)
        diff-lcs (>= 1.2.0, < 2.0)
        rspec-support (~> 3.13.0)
      rspec-support (3.13.1)

  PLATFORMS
    arm64-darwin-21

  DEPENDENCIES
    rspec (~> 3.13)

  BUNDLED WITH
     2.4.13
  ```
- Go to Secure -> Policies and create a new policy:

  ```yaml
  type: approval_policy
  name: Pre-Existing License Policy
  description: ''
  enabled: true
  rules:
    - type: license_finding
      match_on_inclusion_license: true
      license_types:
        - MIT License
      license_states:
        - detected
      branch_type: protected
  actions:
    - type: require_approval
      approvals_required: 1
      role_approvers:
        - developer
  ```
- Create an MR that only updates the README and verify that the MR requires approval and that the bot comment is added
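The case the verification steps exercise is a `license_finding` rule with `license_states: [detected]`, i.e. licenses that already exist on the target branch, evaluated for an MR that produces no license report of its own. The following Ruby model is an added illustration of that rule semantics and is not GitLab's implementation: `Rule`, `licenses_for_state`, `violations` and `approval_required?` are hypothetical names, and the license sets are constructed to mirror the `Gemfile.lock` above (every dependency is MIT). It shows why a `detected` rule must be evaluated against the target branch's licenses rather than against the (absent) MR pipeline report, and it fails closed for `newly_detected` rules when no report exists.

```ruby
# Illustrative model of license_finding rule evaluation (hypothetical, not GitLab code).
require 'set'

# Stand-in for the policy rule fields used in the verification steps above.
Rule = Struct.new(:license_types, :license_states, :match_on_inclusion_license,
                  keyword_init: true)

# Licenses a rule considers for each license_state:
#   detected       -> licenses already present on the target branch (pre-existing)
#   newly_detected -> licenses on the source branch that are not on the target
def licenses_for_state(state, target_licenses, source_licenses)
  case state
  when 'detected'       then target_licenses
  when 'newly_detected' then source_licenses - target_licenses
  else raise ArgumentError, "unknown license state #{state.inspect}"
  end
end

# Returns the set of licenses that match the rule.
# source_licenses is nil when the MR has no pipeline (so no scan report);
# the 'detected' state only needs the target branch, so it still evaluates.
def violations(rule, target_licenses:, source_licenses:)
  target  = Set.new(target_licenses)
  source  = source_licenses.nil? ? Set.new : Set.new(source_licenses)
  listed  = Set.new(rule.license_types)

  rule.license_states.each_with_object(Set.new) do |state, acc|
    seen = licenses_for_state(state, target, source)
    # match_on_inclusion_license: true  -> listed licenses trigger the rule
    # match_on_inclusion_license: false -> any license NOT in the list triggers it
    matched = rule.match_on_inclusion_license ? seen & listed : seen - listed
    acc.merge(matched)
  end
end

# true when the rule's require_approval action should fire for this MR.
def approval_required?(rule, target_licenses:, source_licenses:)
  # Fail closed: a newly_detected rule cannot be evaluated without an MR report.
  return true if source_licenses.nil? && rule.license_states.include?('newly_detected')

  !violations(rule, target_licenses: target_licenses, source_licenses: source_licenses).empty?
end

# Constructed sample: the target branch already carries MIT-licensed gems and a
# README-only MR runs no license scan (source report absent).
PRE_EXISTING_RULE = Rule.new(license_types: ['MIT License'],
                             license_states: ['detected'],
                             match_on_inclusion_license: true)
TARGET_BRANCH_LICENSES = ['MIT License'].freeze

if $PROGRAM_NAME == __FILE__
  puts approval_required?(PRE_EXISTING_RULE,
                          target_licenses: TARGET_BRANCH_LICENSES,
                          source_licenses: nil)
end
```

The point of `violations` is that the `detected` branch of `licenses_for_state` never touches `source_licenses`, so a missing MR report must not short-circuit the rule to "no approval needed"; a `newly_detected` rule, by contrast, has nothing to compare and should require approval rather than silently pass.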
Edited by Sashi Kumar Kumaresan