Pipeline Execution Policy: Allow to inject Jobs in a Downstream Pipeline (Parent-child pipelines) in the same project

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

The issue

Currently, GitLap Pipeline Execution Policy (PEP) Allows to inject Jobs into usual pipelines.

But more and more users are using the Parent-child pipelines that triggers a downstream pipeline in the same project. The child pipeline can even build an application without the Main (Parent) Pipeline know what happened there.

• Users can build and deploy an application/code from child pipeline.
• child pipelines can download external code, clone other repositories, meaning that the code is different from when it processed/scanned during earlier stages of the pipeline, like .pipeline-policy-pre stage or too late like in .pipeline-policy-post.
• The Injected jobs can be scanning something totally different from what is inside a downstream pipeline.

Proposed solution

Provide PEP a configuration that allow inject compliance jobs inside downstream pipelines (in the same project) as well.