Skip to content
Snippets Groups Projects

Add branch_type validations

Merged Martin Čavoj requested to merge 404777-add-branch_type-validations into master

What does this MR do and why?

This MR adds validation for the new branch_type that we're adding in &9468 (closed).

The validation is only applied when the feature flag security_policies_branch_type is enabled.

Screenshots or screen recordings

CleanShot_2023-06-01_at_09.23.12_2x

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. In rails console enable the feature flag
    Feature.enable(:security_policies_branch_type)
  2. Go to Settings -> Repository -> Protected branches and unprotect the main branch
  3. Add a new scan execution policy with the following yaml:
    type: scan_execution_policy
    name: Pipeline / Protected Branches / Secret Detection
    description: ''
    enabled: true
    rules:
      - type: pipeline
        branch_type: protected
    actions:
      - scan: secret_detection
  4. Clicking on Configure with a merge request should give an error Branch types don't match any existing branches.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #404777 (closed)

Edited by Martin Čavoj

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Martin Čavoj added 2 commits

    added 2 commits

    • eca80237 - 1 commit from branch 404774-add-branch_type-support-to-scan-execution-policies
    • 5bbd48b1 - Add branch_type validations

    Compare with previous version

  • Martin Čavoj resolved all threads

    resolved all threads

  • Dominic Bauer deleted the 404774-add-branch_type-support-to-scan-execution-policies branch. This merge request now targets the master branch

    deleted the 404774-add-branch_type-support-to-scan-execution-policies branch. This merge request now targets the master branch

  • A deleted user added documentation feature flag labels
  • Contributor

    Allure report

    allure-report-publisher generated test report!

    e2e-test-on-gdk: :exclamation: test report for 8de296ff

    expand test summary
    +-----------------------------------------------------------------------+
    |                            suites summary                             |
    +------------------+--------+--------+---------+-------+-------+--------+
    |                  | passed | failed | skipped | flaky | total | result |
    +------------------+--------+--------+---------+-------+-------+--------+
    | Create           | 8      | 0      | 1       | 0     | 9     | ✅     |
    | Framework sanity | 0      | 0      | 1       | 0     | 1     | ➖     |
    | Manage           | 1      | 0      | 0       | 0     | 1     | ✅     |
    | Plan             | 4      | 0      | 0       | 0     | 4     | ✅     |
    | Data Stores      | 2      | 0      | 0       | 1     | 2     | ❗     |
    | Monitor          | 4      | 0      | 0       | 0     | 4     | ✅     |
    | Govern           | 2      | 0      | 0       | 0     | 2     | ✅     |
    +------------------+--------+--------+---------+-------+-------+--------+
    | Total            | 21     | 0      | 2       | 1     | 23    | ❗     |
    +------------------+--------+--------+---------+-------+-------+--------+

    e2e-package-and-test: :exclamation: test report for 5bbd48b1

    expand test summary
    +-----------------------------------------------------------------------+
    |                            suites summary                             |
    +------------------+--------+--------+---------+-------+-------+--------+
    |                  | passed | failed | skipped | flaky | total | result |
    +------------------+--------+--------+---------+-------+-------+--------+
    | Plan             | 150    | 0      | 0       | 0     | 150   | ✅     |
    | Govern           | 82     | 0      | 10      | 2     | 92    | ❗     |
    | Create           | 262    | 0      | 44      | 8     | 306   | ❗     |
    | Data Stores      | 68     | 0      | 0       | 0     | 68    | ✅     |
    | Manage           | 64     | 0      | 6       | 2     | 70    | ❗     |
    | Verify           | 104    | 0      | 10      | 0     | 114   | ✅     |
    | Release          | 12     | 0      | 0       | 0     | 12    | ✅     |
    | Analytics        | 4      | 0      | 0       | 0     | 4     | ✅     |
    | Fulfillment      | 4      | 0      | 50      | 0     | 54    | ✅     |
    | Framework sanity | 0      | 0      | 2       | 0     | 2     | ➖     |
    | Package          | 0      | 0      | 6       | 0     | 6     | ➖     |
    | Monitor          | 16     | 0      | 4       | 0     | 20    | ✅     |
    | ModelOps         | 0      | 0      | 2       | 0     | 2     | ➖     |
    | Secure           | 4      | 0      | 18      | 0     | 22    | ✅     |
    | Growth           | 0      | 0      | 4       | 0     | 4     | ➖     |
    | Configure        | 0      | 0      | 6       | 0     | 6     | ➖     |
    +------------------+--------+--------+---------+-------+-------+--------+
    | Total            | 770    | 0      | 162     | 12    | 932   | ❗     |
    +------------------+--------+--------+---------+-------+-------+--------+
  • Martin Čavoj added 3091 commits

    added 3091 commits

    • 5bbd48b1...060ab9e2 - 3090 commits from branch master
    • 8721f5a7 - Add branch_type validations

    Compare with previous version

  • Martin Čavoj added 1 commit

    added 1 commit

    Compare with previous version

  • Martin Čavoj marked this merge request as ready

    marked this merge request as ready

  • Martin Čavoj requested review from @bauerdominic

    requested review from @bauerdominic

  • Martin Čavoj added 1 commit

    added 1 commit

    Compare with previous version

  • Dominic Bauer approved this merge request

    approved this merge request

  • Dominic Bauer requested review from @bala.kumar and removed review request for @bauerdominic

    requested review from @bala.kumar and removed review request for @bauerdominic

  • :wave: @bauerdominic, thanks for approving this merge request.

    This is the first time the merge request is approved. To ensure full test coverage, a new pipeline will be started shortly.

    For more info, please refer to the following links:

  • Bala Kumar
  • Bala Kumar removed review request for @bala.kumar

    removed review request for @bala.kumar

  • Martin Čavoj added 1 commit

    added 1 commit

    Compare with previous version

  • Martin Čavoj requested review from @bala.kumar

    requested review from @bala.kumar

  • Martin Čavoj added 1 commit

    added 1 commit

    Compare with previous version

  • Bala Kumar resolved all threads

    resolved all threads

  • Bala Kumar approved this merge request

    approved this merge request

  • Bala Kumar enabled an automatic merge when the pipeline for 0931de03 succeeds

    enabled an automatic merge when the pipeline for 0931de03 succeeds

  • merged

  • Bala Kumar mentioned in commit 0f75dadc

    mentioned in commit 0f75dadc

  • added workflowstaging label and removed workflowcanary label

  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Please register or sign in to reply
    Loading