Limit vulnerability management policy to 5 rules

Lorenz van Herwaardenrequested to merge
enforce-rules-limit-vulnerability-management-policy into master

What does this MR do and why?

Related #503841 (closed)

Limit vulnerability management policy to 5 rules

Limit the amount of rules that can be added for a vulnerability management policy to 5 and make sure the Add rule button gets hidden conditionally.

References

Please include cross links to any resources that are relevant to this MR This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Add rule button hidden when 5 rules are added

Screenshot_2024-11-15_at_17.19.16

JSON schema validation when more than 5 rules are added

Screenshot_2024-11-15_at_17.25.56

Backend validation error against JSON schema when you try to save with more than 5 rules

Screenshot_2024-11-15_at_17.02.39

How to set up and validate locally

  1. Enable vulnerability_management_policy feature flag at http://gdk.test:3000/rails/features
  2. Go to any project
  3. Go to Secure > Policies
  4. Click New policy
  5. Click Select policy on the Vulnerability management policy card
  6. Add 5 conditions and validate that you can't add another condition in "rule" mode
  7. Add another rule in the yaml mode, validate the JSON schema underlies the yaml and shows error on hovering
Edited by Lorenz van Herwaarden

Merge request reports