Release security policy bot users for groups (!128988) · Merge requests · GitLab.org / GitLab

Andy Schoenen requested to merge 418021-default-enable-scan_execution_group_bot_users into master Aug 10, 2023

What does this MR do and why?

With this feature, every project in a group that was newly linked to a security policy project will get a security policy bot user member assigned.

Scheduled scan execution pipelines will be triggered by this bot user.

Bot users will have access to only one project at a time, so it will prevent using scan execution pipelines to access other projects.

Documentation added in !128605 (merged)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #418021 (closed)

Release security policy bot users for groups

What does this MR do and why?

MR acceptance checklist

Merge request reports