Update allow/deny list empty exceptions

What does this MR do and why?

Update allow/deny list payload

  1. Exceptions are not included in the YAML if there are no selected exceptions in the purl list
  2. The allow/deny list in the drawer is fixed to be dynamic based on the isDenied property

____________________________________________________________________________________________________________________________________________

This merge request makes changes to how license policies are handled in a security orchestration component. The main updates include:

  1. Modifying how allowed and denied licenses are parsed and displayed.
  2. Updating the format of license data when converting between component and YAML representations.
  3. Adjusting tests to accommodate these changes, including new test cases for both allowed and denied license scenarios.

The changes aim to improve the flexibility and accuracy of license policy handling, particularly when dealing with license exceptions. The code now better distinguishes between allowed and denied licenses, and handles cases where license exceptions are present or absent more efficiently.

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After
Exclude packages allow:deny.mov

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Enable Feature flag:

Feature.enable(:exclude_license_packages)
  1. Go to Group/Project
  2. Secure -> Policies
  3. New policy -> Approval Policy
  4. Select licence scan in rule section
  5. Add new criteria allow deny list
  6. Click on link button allowlist
  7. Select licenses without exceptions
  8. Make sure there is no packages: purls: exceptions: [] in yaml

Related to #520082 (closed)
