Draft: Persist scan execution policies

What does this MR do and why?

Persists scan execution policies that are stored in repos as YAML to the database, as we're moving reads off Gitaly and to the database. We already persist MR approval policies (!146504 (merged)).

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

Validating projects

  • Create a new project

  • Navigate to Secure > Policies and create a scan execution policy

  • Enable the feature flag for the newly created security policy project:

    Feature.enable(:security_policies_sync, Project.last)

  • Try adding/editing/deleting policies and verify the state of the security_policies and approval_policy_rules tables

  • Repeat the above by creating a group instead and enabling the security_policies_sync_group feature flag.

Related to #416260

Edited by Dominic Bauer