Expose CSP flag for the namespace type

Martin Cavojrequested to merge
541510-be-designation-of-a-csp-group-3 into master

What does this MR do and why?

Expose CSP for the namespace type

  • Allow querying designated_as_csp in GQL for the namespace type
  • Expose designated_as_csp for frontend via SecurityOrchestrationHelper

Policies GQL will be extended in Expose `csp` in GQL for all policy types (!192672 - merged).

References

Screenshots or screen recordings

Without CSP With CSP
CleanShot_2025-05-27_at_15.36.31_2x CleanShot_2025-05-27_at_15.36.20_2x

How to set up and validate locally

  1. Enable the feature flag: 
    Feature.enable(:security_policies_csp)
  2. Create a top-level group and assign it as a CSP using rails console: 
    Security::PolicySetting.instance.update! csp_namespace: Group.find(<group_id>)
  3. Using /-/graphql-explorer, run the following query: 
    {
  namespace(fullPath: "csp-group") {
    id
    designatedAsCsp
  }
}

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #541510 (closed)

Edited by Martin Cavoj

Merge request reports