Add configurable limits for SEP, MRAP and VMP policies

Alan (Maciej) Paruszewskirequested to merge
epic-8084-add-customizible-limits-for-all-policy-types into master

What does this MR do and why?

This MR adds configurable limits for three types of security policies:

  • Scan Execution Policies (SEP)
  • Security Approval Policies (MRAP)
  • Vulnerability Management Policies (VMP)

Previously, only Pipeline Execution Policies had configurable limits, while the other policy types had hard-coded limits. This change allows administrators to configure limits for all policy types at both the instance and group levels, providing more flexibility and control over security policy usage.

Screenshot_2025-04-15_at_09.51.13

Screenshot_2025-04-15_at_09.51.57

Implementation details:

  • Added new configurable limits in application settings for all policy types
  • Extended the LimitService to handle limits for all policy types
  • Removed hard-coded constants (POLICY_LIMIT) in favor of dynamic limits
  • Added UI controls in admin settings and group settings to manage these limits
  • Added proper validations for all new limit settings

Benefits:

  • Administrators can now customize limits based on their organization's needs
  • Consistent approach for all policy types
  • Better resource management for large organizations
  • Improved flexibility for different deployment scenarios

References

  • Related to the ongoing effort to make security policy limits more configurable
  • Extends the existing functionality for Pipeline Execution Policies to other policy types

How to set up and validate locally

  1. Access the Admin Area > Settings > Security Policies
  2. Configure the new limit settings for each policy type
  3. Create or edit a group to set group-specific limits
  4. Verify that the configured limits are enforced when creating policies
Edited by Alan (Maciej) Paruszewski

Merge request reports