Fix conflicting statements in scan execution policy documentation
Problem to solve
The scan execution policy documentation states:
Once you associate the site profile and scanner profile by name in the policy, it is not possible to modify or delete them. If you want to modify them, you must first disable the policy by setting the `active` flag to `false`.
There are a few issues with this statement's technical content:
- From my research, a policy's status is shown as either "enabled" or "disabled", both in the UI and policy editor. See screenshots below. I'm unsure if there was ever an "active" flag.
- The statement that a site/scanner profile can't be modified or deleted after it's associated with a policy is incorrect. That that statement is incorrect is implied by the sentence that follows it.
Note: Use of the word "disable" (and related forms) is discouraged by the GitLab docs style guide's recommended word list. See https://docs.gitlab.com/ee/development/documentation/styleguide/word_list.html#disable.
Policy content in the policy editor's UI
Policy content shown in the policy editor's YAML preview
Proposal
Rewrite the content, ensuring it's correct technically. My suggestion is:
While a site profile or scanner profile is named in an enabled scan execution policy, it cannot be modified or deleted. To do so you must first disable the policy.
Who can address the issue
Anyone.
Other links/references
N/A