Draft: Create approval rules for multiple policy approvers
What does this MR do and why?
Create approval rules for multiple policy approvers
This change updates the logic of creating the approval rules from security policy to create/update approval rules for multiple approvers actions from policy.
EE: true Changelog: added
References
Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
| Before | After |
|---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Merge request reports
Activity
added auto updated label
assigned to @sashi_kumar
added pipelinetier-3 pipeline:run-e2e-omnibus-once labels
changed milestone to %17.7
added sectionsec label
removed auto updated label
removed pipeline:run-e2e-omnibus-once label
1 Warning 
featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart.
For more information, see:
- The Handbook page on merge request types.
- The definition of done documentation.
1 Message 
This merge request adds or changes files that require a review from the Database team. This merge request requires a database review. To make sure these changes are reviewed, take the following steps:
- Ensure the merge request has database and databasereview pending labels. If the merge request modifies database files, Danger will do this for you.
- Prepare your MR for database review according to the docs.
- Assign and mention the database reviewer suggested by Reviewer Roulette.
If you no longer require a database review, you can remove this suggestion by removing the database label and re-running the
danger-reviewjob.Reviewer roulette
Category Reviewer Maintainer backend @leetickett-gitlab(UTC+0, same timezone as author)
@seanarnold(UTC+13, 13 hours ahead of author)
database @ck3g(UTC+1, 1 hour ahead of author)
@OmarQunsulGitlab(UTC+1, 1 hour ahead of author)
Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.
If needed, you can retry the
danger-reviewjob that generated this comment.Generated by
E2E Test Result Summary
allure-report-publishergenerated test report!e2e-test-on-gdk:
expand test summary
+------------------------------------------------------------------+ | suites summary | +-------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +-------------+--------+--------+---------+-------+-------+--------+ | Plan | 5 | 0 | 0 | 0 | 5 | ✅ | | Create | 5 | 0 | 0 | 0 | 5 | ✅ | | Govern | 8 | 0 | 0 | 0 | 8 | ✅ | | Data Stores | 4 | 0 | 0 | 0 | 4 | ✅ | | Verify | 1 | 0 | 1 | 0 | 2 | ✅ | | Secure | 2 | 0 | 0 | 0 | 2 | ✅ | | Fulfillment | 1 | 0 | 0 | 0 | 1 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+ | Total | 26 | 0 | 1 | 0 | 27 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+e2e-test-on-cng:
expand test summary
+------------------------------------------------------------------+ | suites summary | +-------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +-------------+--------+--------+---------+-------+-------+--------+ | Verify | 49 | 0 | 16 | 0 | 65 | ✅ | | Create | 140 | 0 | 20 | 1 | 160 | ✅ | | Plan | 86 | 0 | 8 | 0 | 94 | ✅ | | Monitor | 8 | 0 | 12 | 0 | 20 | ✅ | | Fulfillment | 2 | 0 | 7 | 1 | 9 | ✅ | | Secure | 2 | 0 | 5 | 0 | 7 | ✅ | | Govern | 84 | 0 | 10 | 1 | 94 | ✅ | | Data Stores | 33 | 0 | 10 | 0 | 43 | ✅ | | Package | 24 | 0 | 14 | 0 | 38 | ✅ | | Analytics | 2 | 0 | 0 | 1 | 2 | ✅ | | Release | 5 | 0 | 1 | 0 | 6 | ✅ | | Ai-powered | 0 | 0 | 2 | 0 | 2 | ➖ | | Manage | 1 | 0 | 9 | 0 | 10 | ✅ | | Configure | 0 | 0 | 3 | 0 | 3 | ➖ | | Growth | 0 | 0 | 2 | 0 | 2 | ➖ | | ModelOps | 0 | 0 | 1 | 0 | 1 | ➖ | +-------------+--------+--------+---------+-------+-------+--------+ | Total | 436 | 0 | 120 | 4 | 556 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+mentioned in epic gitlab-org#12319 (closed)
mentioned in merge request !174308 (merged)
added 571 commits
-
fbe4930b...7068a0c4 - 569 commits from branch
sk/502228-update-validation - d63b5034 - Add policy action_idx to approval rules validation
- 94a59b4e - Create approval rules for multiple policy approvers
-
fbe4930b...7068a0c4 - 569 commits from branch
added 9 commits
-
94a59b4e...40aba40d - 7 commits from branch
sk/502228-update-validation - c0458052 - Add policy action_idx to approval rules validation
- e3e015dd - Create approval rules for multiple policy approvers
-
94a59b4e...40aba40d - 7 commits from branch
added 1 commit
- 20816057 - Create approval rules for multiple policy approvers
mentioned in merge request gitlab-com/www-gitlab-com!136770 (merged)
added 806 commits
-
20816057...b0c381a8 - 803 commits from branch
master - 7185c268 - Add policy action_idx to approval rules validation
- d832d1b5 - Add policy action_idx to approval rules validation
- b2c407e8 - Create approval rules for multiple policy approvers
Toggle commit list-
20816057...b0c381a8 - 803 commits from branch
added 1 commit
- 81d74d9b - Create approval rules for multiple policy approvers
added 1 commit
- a3de0d7b - Create approval rules for multiple policy approvers
added 1 commit
- a159e2a6 - Create approval rules for multiple policy approvers
- A deleted user
added database databasereview pending labels
211 212 end 212 213 end 213 214 215 def delete_scan_result_policy_reads_for_project(project, rules) 216 project 217 .scan_result_policy_reads 218 .for_policy_configuration(security_orchestration_policy_configuration) 219 .for_policy_index(policy_index) 220 .for_rule_index(rules.select(:rule_index)) 221 .delete_all When using
insert,update,upsert,delete,destroycommands, or theirbulk/allvariants (e.g.,bulk_insert,update_all), you must include the full database query and query execution plan in the merge request description, and request a database review.This comment can be ignored if the object is not an ActiveRecord class, since no database query would be generated.
For more information, see Database Review documentation.
changed this line in version 17 of the diff
added 59 commits
-
a159e2a6...4388135f - 58 commits from branch
master - 7a24f0ec - Modify rules for multiple policy approvers from security_policies
-
a159e2a6...4388135f - 58 commits from branch
mentioned in merge request !175162 (merged)
changed milestone to %17.8
added missed:17.7 label
added 1831 commits
-
7a24f0ec...a49634cd - 1829 commits from branch
master - 1914d32b - Modify rules for multiple policy approvers from security_policies
- dfe70593 - Remove unwanted change
-
7a24f0ec...a49634cd - 1829 commits from branch
note Tracking metrics for multiple approval actions must to added in this MR once !176669 (merged) is merged
changed milestone to %17.9
added missed:17.8 label
added 4782 commits
-
dfe70593...1c83afa9 - 4780 commits from branch
master - bdccc857 - Modify rules for multiple policy approvers from security_policies
- 13a0c6d5 - Remove unwanted change
-
dfe70593...1c83afa9 - 4780 commits from branch
1 Warning featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart.
For more information, see:
- The Handbook page on merge request types.
- The definition of done documentation.
1 Message This merge request adds or changes files that require a review from the Database team. This merge request requires a database review. To make sure these changes are reviewed, take the following steps:
- Ensure the merge request has database and databasereview pending labels. If the merge request modifies database files, Danger will do this for you.
- Prepare your MR for database review according to the docs.
- Assign and mention the database reviewer suggested by Reviewer Roulette.
If you no longer require a database review, you can remove this suggestion by removing the database label and re-running the
danger-reviewjob.Reviewer roulette
Category Reviewer Maintainer backend @bhrai(UTC+1, 1 hour ahead of author)
@grzesiek(UTC+1, 1 hour ahead of author)
database @irina.bronipolsky(UTC+0, same timezone as author)
@a_akgun(UTC+3, 3 hours ahead of author)
Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.
If needed, you can retry the
danger-reviewjob that generated this comment.Generated by
changed milestone to %17.10
added missed:17.9 label
