Add a new worker to process the pipeline creation for sep
What does this MR do and why?
Add a new worker to process the pipeline creation for scheduled scan_execution_policies.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- Enable the feature flag
  ```shell
  echo "Feature.enable(:scan_execution_pipeline_worker)" | rails c
  ```
- Create a new project
- Go to Secure > Policies
- Click on New policy
- Select Scan Execution policy
- Change to .yaml mode
- Copy the yaml below:
  ```yaml
  type: scan_execution_policy
  name: schedule
  description: ''
  enabled: true
  rules:
    - type: schedule
      cadence: 0 0 * * *
      branch_type: all
      timezone: Etc/UTC
  actions:
    - scan: container_scanning
    - scan: secret_detection
  ```
- Click on Configure with a merge request
- Merge the new MR to add the policy
- Create a new branch
- Trigger the schedule using the rails console
  ```ruby
  schedule = Security::OrchestrationPolicyRuleSchedule.last
  schedule.update_column(:next_run_at, 1.day.ago)
  project = schedule.security_orchestration_policy_configuration.project
  security_policy_bot_id = project.security_policy_bot.id
  Security::ScanExecutionPolicies::RuleScheduleWorker.perform_async(project.id, security_policy_bot_id, schedule.id)
  ```
- Go to the Pipelines page and verify the expected pipelines were created.
Edited by Marcos Rocha