Allow merge when rules are invalid for security policy project (!120240) · Merge requests · GitLab.org / GitLab

Martin Čavoj requested to merge 410456-create-an-exception-to-invalid-rules-for-security-policy-projects into master May 10, 2023

What does this MR do and why?

This MR changes the behavior of for invalid security policy rules and allows merge of invalid security policy rules if the project is a security policy project.

Screenshots or screen recordings

Before

After:

Security policy projects get auto-approved:

Normal projects still fail-close:

How to set up and validate locally

Create a group
Create a group scan result policy, for example requiring SAST scanners, which is invalid - require more approvals than eligible approvers and merge it
Make sure to invite the user whose approval is required directly into the group
Edit the policy, fix the number of required approvals
The MR for the security policy project should not be blocked due to invalid rule and it should be auto-approved.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #410456 (closed)

Edited May 10, 2023 by Martin Čavoj

Allow merge when rules are invalid for security policy project