Spike: Verify and implement enforcing policies despite disabled GitLab CI

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Time-box: 4 days

Why are we doing this work

In the scope of this Spike, we would like to verify what we should do to implement option to enforce Scan Execution Policies and Pipeline Execution Policies despite disabled GitLab CI. We want to make it optional for users to do it, perhaps in the policy itself. We need to know potential implications, UX improvements and other things we need to consider before we can release this for users.

As an expected result of this Spike, we would like to get the following:

• PoC MR with proposed changes for backend (GraphQL API, database changes, etc.) or initial plan how to implement it,
• implementation issues for backend and frontend,