Create scan result license policy summary

What does this MR do and why?

Describe in detail what your merge request does and why.

Create scan result license policy summary

  • update drawer to show summary for license approval policy
  • add tests

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

| Scenario | Screenshot | Text |
| --- | --- | --- |
| Single license, single license state | image | License scanner finds any license matching MIT License that is pre-existing and is in an open merge request targeting all protected branches. |
| Multiple licenses, all license states | image | License scanner finds any license except CMU License, CNRI Jython License and CNRI Python License in an open merge request targeting the master branch. |

YAML for Single license, single license state

type: scan_result_policy
name: Require approvers for license policy changes
description: ''
enabled: true
actions:
- type: require_approval
  approvals_required: 1
  user_approvers_ids:
  - 1
rules:
- type: license_finding
  branches: []
  match_on_inclusion: true
  license_types:
  - MIT License
  license_states:
  - detected

YAML for multiple licenses, all license states

type: scan_result_policy
name: Require approvers for all license states policy
description: ''
enabled: false
actions:
- type: require_approval
  approvals_required: 1
  group_approvers_ids:
  - 31
rules:
- type: license_finding
  branches:
  - master
  match_on_inclusion: false
  license_types:
  - CMU License
  - CNRI Jython License
  - CNRI Python License
  license_states:
  - newly_detected
  - detected

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Upload a GitLab Ultimate license
  2. Turn on the license_scanning_policies feature flag (echo "Feature.enable(:license_scanning_policies)" | rails c)
  3. Navigate to http://gdk.test:3443/flightjs/Flight/-/security/policies/new and create the policies above and save them
  4. Navigate to http://gdk.test:3443/flightjs/Flight/-/security/policies, select the policy and verify the drawer summary

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #390450 (closed)

Edited by Alexander Turinske
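
A sketch of the rule-to-summary mapping shown in the table above, as an added example (not code from this merge request or from GitLab's codebase): it takes the `rules` entry of each policy as a plain object and reproduces the two summary sentences. The function names, and the wording for cases the page does not show (only `newly_detected`, more than one branch), are assumptions.

```javascript
// Added illustration, not GitLab's implementation.

// Join ['a', 'b', 'c'] as "a, b and c", the list style used in the summaries.
function humanList(items) {
  if (items.length <= 1) return items.join('');
  return `${items.slice(0, -1).join(', ')} and ${items[items.length - 1]}`;
}

// Both states listed means no qualifier; "detected" alone reads "pre-existing".
function describeStates(states) {
  const set = new Set(states);
  if (set.has('detected') && set.has('newly_detected')) return '';
  if (set.has('detected')) return ' that is pre-existing and is';
  if (set.has('newly_detected')) return ' that is newly detected and is'; // assumed wording
  throw new Error('license_states must list detected and/or newly_detected');
}

// An empty branches list widens the rule to every protected branch.
function describeBranches(branches) {
  if (!branches || branches.length === 0) return 'all protected branches';
  const noun = branches.length === 1 ? 'branch' : 'branches'; // plural form is assumed
  return `the ${humanList(branches)} ${noun}`;
}

function summarizeLicenseRule(rule) {
  if (rule.type !== 'license_finding') throw new Error(`unsupported rule: ${rule.type}`);
  if (!Array.isArray(rule.license_types) || rule.license_types.length === 0) {
    throw new Error('license_types must not be empty');
  }
  // match_on_inclusion: false inverts the list: everything except these licenses.
  const matcher = rule.match_on_inclusion ? 'matching' : 'except';
  return `License scanner finds any license ${matcher} ${humanList(rule.license_types)}` +
    `${describeStates(rule.license_states)} in an open merge request targeting ` +
    `${describeBranches(rule.branches)}.`;
}

// The two rules from the YAML on this page, written as parsed objects.
const singleLicenseRule = {
  type: 'license_finding', branches: [], match_on_inclusion: true,
  license_types: ['MIT License'], license_states: ['detected'],
};
const allStatesRule = {
  type: 'license_finding', branches: ['master'], match_on_inclusion: false,
  license_types: ['CMU License', 'CNRI Jython License', 'CNRI Python License'],
  license_states: ['newly_detected', 'detected'],
};
console.log(summarizeLicenseRule(singleLicenseRule));
console.log(summarizeLicenseRule(allStatesRule));
```

Reading the two outputs side by side makes the reviewable points of a policy explicit: `match_on_inclusion: false` turns the license list into an exclusion list, and `branches: []` applies the rule to all protected branches rather than to none.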