Draft: Persist scan execution policies
What does this MR do and why?
Persists scan execution policies that are stored in repos as YAML to the database, as we're moving reads off Gitaly and to the database. We already persist MR approval policies (!146504 (merged)).
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
Validating projects
-
Create a new project
-
Navigate to
Secure > Policies
and create a scan execution policy -
Enable the feature flag for the newly created security policy project:
Feature.enable(:security_policies_sync, Project.last)
-
Try adding/editing/deleting policies and verify the state of the
security_policies
andapproval_policy_rules
tables -
Repeat the above by creating a group instead and enabling the
security_policies_sync_group
feature flag.
Related to #416260