Skip to content

Split construct policy methods by type

Artur Fedorovrequested to merge
537450-policies-split-construct-security-policies into master

What does this MR do and why?

Split construct policy methods by type

Construct security policies methods are divided by type into separate modules

This change refactors the security policy construction code by breaking down a large monolithic module into smaller, more focused modules. The original ConstructSecurityPolicies module contained all the logic for different types of policies (scan execution, approval, vulnerability management, pipeline execution, etc.). Now, each policy type has its own dedicated module with specific construction methods. Common functionality has been extracted into a shared ConstructSecurityPoliciesSharedAttributes module that defines constants and helper methods used across all policy types. This reorganization improves code maintainability by following the single responsibility principle, making each module focused on constructing just one type of policy while sharing common code. The functionality remains the same, but the code structure is now more modular and easier to maintain.

References

Screenshots or screen recordings

***NO VISUAL CHANGES***

How to set up and validate locally

  1. Go to graphql-explorer and test a query

    {
  group(fullPath: "full-path") {
    approvalPolicies {
      nodes {
        description
        name
      }
    }
    pipelineExecutionPolicies {
      nodes {
        name
      }
    }
    pipelineExecutionSchedulePolicies {
      nodes {
        name
      }
    }
    scanExecutionPolicies {
      nodes {
        name
      }
    }
    approvalPolicies {
      nodes {
        name
      }
    }
    securityPolicies(includeUnscoped: false) {
      nodes {
        name
        type
        enabled
        updatedAt
        editPath
        policyAttributes {
          ...on PipelineExecutionScheduledPolicyAttributesType{
            policyBlobFilePath
            warnings
          }
          ...on ScanExecutionPolicyAttributesType {
            deprecatedProperties
            source {
              __typename
            }
          }
          ... on ApprovalPolicyAttributesType {
            __typename
            actionApprovers {
              users {
                name
              }
            }
          }
          ...on VulnerabilityManagementPolicyAttributesType {
            source {
              ...on GroupSecurityPolicySource {
                namespace {
                  name
                }
              }
            }
          }
          ...on PipelineExecutionPolicyAttributesType {
            policyBlobFilePath
          }
        }
      }
      pageInfo {
        hasNextPage
        hasPreviousPage
        endCursor
        startCursor
      }
    }
  }
}

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #537450 (closed)

Merge request reports