Fix error when fetching all policies by type

Andy Schoenenrequested to merge
andyschoenen/fix-all_policies_with_type-error into master

What does this MR do and why?

This fixes an error when fetching all policies by type and security policy experiments are used.

How to set up and validate locally

  1. Enable the security_policies_combined_list feature flag: echo "Feature.enable(:security_policies_combined_list)" | rails c
  2. Create a new group
  3. Create a project in the group
  4. Add a .gitlab/security-policies/policy.yml file to the project: 
    ---
experiments:
  pipeline_execution_schedule_policy:
    enabled: true
pipeline_execution_policy: []
approval_policy: []
pipeline_execution_schedule_policy:
  - name: test
    description: ''
    enabled: true
    pipeline_config_strategy: schedule
    content:
      include:
        - project: path/to/project
          file: policy-ci.yml
    schedules:
      - type: daily
        start_time: '10:00'
        time_window:
          value: 600
          distribution: random
  5. Go back to the group page and on the left sidebar, select Security & Compliance and Policies.
  6. Select Edit policy project and select your project. Then select Save.
  7. Open the GraphQL explorer on your local.
  8. Use the query to fetch all policies from the group (replace issue-535428 with the path to your group`: 
    query {
  group(fullPath: "issue-535428") {
    securityPolicies(includeUnscoped: false) {
      nodes {
        name
        type
        enabled
        updatedAt
        editPath
        policyAttributes {
          ...on PipelineExecutionScheduledPolicyAttributesType{
            policyBlobFilePath
            warnings
          }
          ...on ScanExecutionPolicyAttributesType {
            deprecatedProperties
            source {
              __typename
            }
          }
          ... on ApprovalPolicyAttributesType {
            __typename
            actionApprovers {
              users {
                name
              }
            }
          }
          ...on VulnerabilityManagementPolicyAttributesType {
            source {
              ...on GroupSecurityPolicySource {
                namespace {
                  name
                }
              }
            }
          }
          ...on PipelineExecutionPolicyAttributesType {
            policyBlobFilePath
          }
        }
      }
      pageInfo {
        hasNextPage
        hasPreviousPage
        endCursor
        startCursor
      }
    }
    
  }
}
  9. It should not raise an Internal server error: undefined method merge' for an instance of Array` error.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Andy Schoenen

Merge request reports