Update AuthorizationsAddedEvent to handle multiple projects

Sashi Kumar Kumaresanrequested to merge
sk/479316-batch-project-ids into master

What does this MR do and why?

This MR updates Security::ScanResultPolicies::AddApproversToRulesWorker to handle multiple project_ids to reduce the number of worker jobs when ProjectAuthorization is updated for multiple projects at a time. This change also reduces the number of queries in dispatch? to handle multiple projects together instead of individual projects. We also support project_id to make this change backward compatible. Publish AuthorizationsAddedEvent with multiple ... (!171991 - merged) will update the event publishing logic to publish project_ids instead of project_id.

References

Please include cross links to any resources that are relevant to this MR This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

  1. Create a group

  2. In the group, create a project

  3. In the group, go to Policies and create a new scan result policy. Example YAML:

    type: approval_policy
name: Security
description: ''
enabled: true
policy_scope:
  compliance_frameworks: []
rules:
  - type: scan_finding
    scanners: []
    vulnerabilities_allowed: 0
    severity_levels: []
    vulnerability_states: []
    branch_type: protected
actions:
  - type: require_approval
    approvals_required: 1
    user_approvers_ids:
      - 1
      - 4 # User to test with

  4. In the project, create an MR (e.g. changing a README)

  5. Notice the required approvals

  6. Add the user referenced in the policy as a group member with a developer role

  7. Verify that the user is added as an approver in the MR to the correct rules (rules where they are referenced as approvers)

Addresses https://gitlab.com/gitlab-org/gitlab/-/issues/479316

Edited by Sashi Kumar Kumaresan

Merge request reports