Sync approval rules for group policies when transferring a project (!127123) · Merge requests · GitLab.org / GitLab

Martin Čavoj requested to merge 415925-fix-policies-for-project-transfer into master Jul 20, 2023

What does this MR do and why?

This MR adds a sync of approval rules for inherited group policies when transferring a project. Before this fix, the approval project rules from inherited group policy wouldn't be deleted when project is being transferred outside of the hierarchy. This MR fixes it and also ensures that new group's policy rules (if any) are being created by enqueuing Security::ScanResultPolicies::SyncProjectWorker.

Recording

project_transfer

How to set up and validate locally

Create two groups
Create different policies in each group
Create a project in one group
Create MR which violates the policy
Go to Settings -> General -> Advanced -> Transfer project to the second group
Observe that MR rules correspond to the policy in the new group and the old rule is not enforced anymore

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #415925 (closed)

Edited Jul 20, 2023 by Martin Čavoj

Sync approval rules for group policies when transferring a project

What does this MR do and why?

Recording

How to set up and validate locally

MR acceptance checklist

Merge request reports