Skip to content

Add support for approval_settings and any_merge_request in policy schema

What does this MR do and why?

This MR adds support for approval_settings and any_merge_request rule type in the policy JSON schema.

How to set up and validate locally

  1. Visit Secure -> Policies
  2. Create a scan result policy with the following YAML:
    type: scan_result_policy
    name: Any MR
    description: ''
    enabled: true
    rules:
      - type: any_merge_request
        commits: unsigned
        branch_type: protected
    actions:
      - type: require_approval
        approvals_required: 1
        user_approvers_ids:
          -  1
    approval_settings:
      prevent_approval_by_author: true
      require_password_to_approve: true

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #418752 (closed)

Merge request reports