Draft: Validate maximum SEP action count
What does this MR do and why?
Introduces:
- an application setting that controls the maximum number of actions per scan execution policy.
- a policy validation that uses the setting
Related to #436545 (closed)
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- Create a project
- On the left sidebar, select Security & Compliance and Policies
- Select New Policy
- Select Scan execution policy
- Switch to .yaml mode.
- Paste the following policy
```yaml
type: scan_execution_policy
name: test
description: ''
enabled: true
rules:
  - type: pipeline
    branches:
      - '*'
actions:
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
  - scan: secret_detection
```
- Select Configure with a merge request
- This should fail with "Policy exceeds the number of 10 allowed actions"
Related to #472213
Edited by Dominic Bauer
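The check exercised by the steps above, as an added stand-alone sketch that is not code from this MR or from GitLab: it parses policy YAML and rejects any scan execution policy whose action count exceeds a configurable limit. The method names, the default of 10 (taken from the expected error message) and the multi-policy file layout under a `scan_execution_policy:` key are assumptions.

```ruby
require "yaml"

# Hypothetical default; the expected error message on this page mentions 10 actions.
DEFAULT_MAX_ACTIONS = 10

# Accepts the single-policy form pasted in .yaml mode (top-level
# `type: scan_execution_policy`) or a file listing several policies under a
# `scan_execution_policy:` key (assumed layout).
def extract_policies(doc)
  return [] unless doc.is_a?(Hash)
  return [doc] if doc["type"] == "scan_execution_policy"
  Array(doc["scan_execution_policy"]).select { |policy| policy.is_a?(Hash) }
end

# Returns a list of error strings; an empty list means every policy is within the limit.
def validate_action_count(yaml_text, max_actions: DEFAULT_MAX_ACTIONS)
  doc = YAML.safe_load(yaml_text) # safe_load refuses arbitrary object deserialization
  extract_policies(doc).each_with_object([]) do |policy, errors|
    actions = policy["actions"]
    name = policy["name"] || "(unnamed)"
    unless actions.is_a?(Array)
      errors << "#{name}: actions must be a list"
      next
    end
    if actions.size > max_actions
      errors << "#{name}: Policy exceeds the number of #{max_actions} allowed actions"
    end
  end
end

# Constructed sample: the policy from the steps above, built with N actions.
def sample_policy(action_count)
  actions = Array.new(action_count) { "  - scan: secret_detection" }.join("\n")
  <<~YAML
    type: scan_execution_policy
    name: test
    description: ''
    enabled: true
    rules:
      - type: pipeline
        branches:
          - '*'
    actions:
    #{actions}
  YAML
end
```

Checking the count when the policy is saved, rather than when the pipeline is created, keeps an oversized policy from ever reaching the scheduler.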