Update licenses validation
What does this MR do and why?
This MR updates the security policy schema to prevent the use of the licenses field together with license_types and match_on_inclusion_license. This change was discussed here and is also being added in the frontend.
How to set up and validate locally
- Create a new project
- Go to Secure > Policies
- Click New policy
- Select Merge request approval policy
- Try to create a policy using `licenses`, `license_types`, and `match_on_inclusion_license`. Something like:

```yaml
type: approval_policy
name: abcd
description: ''
enabled: true
rules:
  - type: license_finding
    match_on_inclusion_license: true
    license_types:
      - MIT License
    license_states:
      - newly_detected
    branches: []
    licenses:
      denied:
        - name: MIT License
actions:
  - type: require_approval
    approvals_required: 1
    role_approvers:
      - owner
  - type: send_bot_message
    enabled: true
approval_settings:
  block_branch_modification: true
  prevent_pushing_and_force_pushing: true
  prevent_approval_by_author: true
  prevent_approval_by_commit_author: true
  remove_approvals_with_new_commit: true
  require_password_to_approve: false
fallback_behavior:
  fail: closed
```

- Verify the policy is invalid
Edited by Marcos Rocha
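
A standalone sketch of the rule this MR describes, added here as an example and not GitLab's schema or code: it flags any `license_finding` rule that sets `licenses` next to `license_types` or `match_on_inclusion_license`. It assumes either field on its own is enough to conflict with `licenses`; the helper `license_field_conflicts`, the constants and both sample policies are hypothetical.

```ruby
require 'yaml'

# Fields that, per the MR description, must not appear alongside `licenses`.
CONFLICTING_FIELDS = %w[license_types match_on_inclusion_license].freeze

# Returns one error string per offending license_finding rule (empty if none).
def license_field_conflicts(policy_yaml)
  policy = YAML.safe_load(policy_yaml)
  rules = policy.is_a?(Hash) ? policy['rules'] : nil
  return [] unless rules.is_a?(Array)

  rules.each_with_index.filter_map do |rule, index|
    next unless rule.is_a?(Hash) && rule['type'] == 'license_finding'
    next unless rule.key?('licenses')

    clashing = CONFLICTING_FIELDS.select { |field| rule.key?(field) }
    next if clashing.empty?

    "rules[#{index}]: 'licenses' cannot be combined with #{clashing.join(', ')}"
  end
end

# Constructed sample: the rule from the description, trimmed to the relevant keys.
MIXED_POLICY = <<~POLICY
  type: approval_policy
  rules:
    - type: license_finding
      match_on_inclusion_license: true
      license_types:
        - MIT License
      license_states:
        - newly_detected
      licenses:
        denied:
          - name: MIT License
POLICY

# Constructed sample: the same rule expressed with `licenses` only.
LICENSES_ONLY_POLICY = <<~POLICY
  type: approval_policy
  rules:
    - type: license_finding
      license_states:
        - newly_detected
      licenses:
        denied:
          - name: MIT License
POLICY

puts license_field_conflicts(MIXED_POLICY)
```

A pre-commit or CI check of this kind on policy YAML catches the ambiguous combination before the policy reaches the server-side schema validation.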
