Allow to save Security Policy YAML with policy scope (!134504) · Merge requests · GitLab.org / GitLab

Alan (Maciej) Paruszewski requested to merge 428477-add-yaml-for-policy-scope into master Oct 18, 2023

What does this MR do and why?

This MR extends the Security Policy JSON Schema with ability to store policy_scope with options to save compliance frameworks/included projects/excluded projects.

How to set up and validate locally

Create new Project
Create new Policy for the project (for both Scan Execution Policy and Scan Result Policy) [Secure -> Policies -> Create new]
Try to save policy - this should work without any problems
Go to back to creating new policy
Choose YAML-mode in the Policy Editor

Try to add policy_scope:

...
policy_scope:
  compliance_frameworks:
  - id: 12345
  projects:
    including:
    - id: 12345
    excluding:
    - id: 23456
...

Policy should be saved without problems.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #428477 (closed)

Allow to save Security Policy YAML with policy scope

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports