Merge request approval policies continue to evaluate archived projects

Summary

It was reported by a customer (internal Zendesk link) that they continue to receive bot message on merge request approval policy violations on open MRs even though the project is archived with a note This is an archived project. Repository and other project resources are read-only.. This behavior causes unnecessary noise on the MRs.

Steps to reproduce

Not reproduced yet

Example Project

What is the current bug behavior?

GitLab Security Bot send message on merge request approval policy violations on open merge requests for archived projects.

What is the expected correct behavior?

GitLab Security Bot doesn't send messages on merge request approval policy violations on open merge requests for archived projects.

Relevant logs and/or screenshots

Output of checks

This bug happens on GitLab.com

Workaround

1. To prevent this behavior, users need to un-archive the project and close the merge request.
2. Update the scope of the policy to filter out the project, so policies no longer apply to archived projects.

Possible fixes

Based on the documentation (https://docs.gitlab.com/ee/user/project/working_with_projects.html#archive-a-project), we should not post policy bot comments on archived project MRs.

As this is a breaking change, we will plan to fix this behavior in %18.0. We will use a FF to allow users to take advantage of it and then enable by default in %18.0.