Add a new worker to process the pipeline creation for sep (!147691) · Merge requests · GitLab.org / GitLab

Marcos Rocha requested to merge mc_rocha-add-work-create-pipeline-sep into master Mar 22, 2024

What does this MR do and why?

Add a new worker to process the pipeline creation for scheduled scan_execution_policies.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

Enable the feature flag

echo "Feature.enable(:scan_execution_pipeline_worker)" | rails c

Create a new project
Go to Secure > Policies
Click on New policy
Select Scan Execution policy
Change to .yaml mode
Copy the yaml below:

type: scan_execution_policy
name: schedule
description: ''
enabled: true
rules:
  - type: schedule
    cadence: 0 0 * * *
    branch_type: all
    timezone: Etc/UTC
actions:
  - scan: container_scanning
  - scan: secret_detection

Click on Configure with a merge request
Merge the new MR to add the policy
Create a new branch
Trigger the schedule using the rails console

schedule = Security::OrchestrationPolicyRuleSchedule.last
schedule.update_column(:next_run_at, 1.day.ago)

project = schedule.security_orchestration_policy_configuration.project
security_policy_bot_id = project.security_policy_bot.id

Security::ScanExecutionPolicies::RuleScheduleWorker.perform_async(project.id, security_policy_bot_id, schedule.id)

Go to the Pipelines page and verify the expected pipelines were created:

Edited Mar 25, 2024 by Marcos Rocha

Add a new worker to process the pipeline creation for sep

What does this MR do and why?

MR acceptance checklist

How to set up and validate locally

Merge request reports