Persist approval_settings and any_merge_request rules in policies
What does this MR do and why?
This MR introduces changes so that we start persisting approval_settings
and any merge request
rules from policies in scan_result_policies
table.
Screenshots or screen recordings
scan_result_policies
record:
approval_project_rules
record for any_merge_request
rule:
How to set up and validate locally
- Go to Secure -> Policies
- Create new Scan Result Policy
- Switch to the
.yaml mode
and use the following YAML:type: scan_result_policy name: Any unsigned MR description: '' enabled: true rules: - type: any_merge_request branch_type: protected commits: unsigned actions: - type: require_approval approvals_required: 1 user_approvers_ids: - 4 # Change to any existing user ID with access to the project approval_settings: prevent_approval_by_author: true prevent_approval_by_commit_author: false remove_approvals_with_new_commit: false require_password_to_approve: true
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #418752 (closed)
Edited by Martin Čavoj