GraphQL returning empty node list for policies

Summary

A US Gov customer is using GraphQL to query security policies. When using approvalPolicies, scanExecutionPolicies, and pipelineExecutionPolicies we get an empty node list. This happens for both groups and projects. The user has confirmed that the policies exist within both the groups and projects.

Steps to reproduce

Using GraphQL perform a query using approvalPolicies, scanExecutionPolicies, or pipelineExecutionPolicies for groups and projects. It will show an empty list "nodes": []

What is the current bug behavior?

We get an empty node list even though policies exist for the projects and groups.

What is the expected correct behavior?

We should be able to see the policies within the projects and groups.

Results of GitLab environment info

User is on GitLab 17.3.5

Edited Aug 22, 2025 by 🤖 GitLab Bot 🤖