Add flat policy list of all types
What does this MR do and why?
Add flat policy list of all types
User can query a list of all policies of mixed type
This merge request introduces a new feature called "combined policy list" for security policies. Instead of making separate GraphQL queries for different policy types (scan execution, approval, pipeline execution, etc.), the code now has the option to make a single query that returns all policy types at once. This is controlled by a feature flag called securityPoliciesCombinedList.
The implementation adds new GraphQL queries for both projects and groups, refactors the policy loading logic to handle both the old and new approaches, and updates the UI components to work with either data structure. The code also includes proper handling of policy types, error states, and maintains all the existing functionality like policy validation and warnings.
Tests have been updated to verify both the legacy approach and the new combined list approach work correctly. This change should improve performance by reducing the number of network requests needed to load the security policies page.
References
Screenshots or screen recordings
| Description | UI |
|---|---|
| One request instead of 4 | load.mov |
How to set up and validate locally
-
Enable feature flag:
Feature.enable(:security_policies_combined_list) -
Go to Group
-
Go to Secure -> Policies
-
See list of policies, click on different policies, open drawer
-
Repeat same with project
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #524279 (closed)