Fix FetchPolicyApproversService for ComplianceFramework

Sashi Kumar Kumaresan requested to merge sk/451711-fix-finder into master

What does this MR do and why?

This change fixes a bug in Security::SecurityOrchestrationPolicies::FetchPolicyApproversService when the container is ComplianceManagement::Framework.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Before: Screenshot_2024-04-15_at_2.51.11_PM
After: Screenshot_2024-04-15_at_2.53.25_PM

How to set up and validate locally

  • Create a compliance framework for a root group in Settings -> General -> Compliance Frameworks
  • Create a security policy with the compliance framework in the scope for the group
  • Disable the security_policy_global_group_approvers_enabled setting in the Rails console:
Gitlab::CurrentSettings.current_application_settings.update(security_policy_global_group_approvers_enabled: false)
  • Go to the GraphQL explorer and try the GraphQL query:
query {
  # fullPath is a string argument, so the group path placeholder must be quoted
  namespace(fullPath: "<path of the group>") {
    complianceFrameworks {
      nodes {
        name
        scanResultPolicies {
          nodes {
            name
            allGroupApprovers {
              fullPath
            }
          }
        }
      }
    }
  }
}
