Skip to content

Add service accounts to bypass options

Artur Fedorovrequested to merge
550689-policies-bypass-option-service-accounts into master

What does this MR do and why?

Update YAML with service accounts

When accounts are updated, it would update policy YAML for bypass options

This code change adds support for managing service accounts and their access tokens in a security policy system. The main additions include:

New API endpoints: Two new API paths were added to fetch service accounts for a group and their associated personal access tokens.

New user interface components: Three new Vue.js components were created to allow users to select service accounts and their tokens through dropdown menus and forms. These components include search functionality, validation, and error handling.

Enhanced policy exceptions: The existing policy exceptions modal was updated to include a new "service accounts" tab alongside the existing options like roles, groups, and tokens. Users can now add service accounts as exceptions to security policies.

Improved token selector: The tokens selector component was refactored to be more reusable and had some unused alert functionality removed.

Utility functions: New helper functions were added to handle service account objects, extract usernames, and manage data formatting.

The overall goal is to give administrators more granular control over security policies by allowing them to create exceptions based on specific service accounts and their access tokens, rather than just broader categories like user roles or groups.

References

Screenshots or screen recordings

Description UI
Service accounts option service accounts.mov

How to set up and validate locally

Enable feature flag:

Feature.enable(:security_policies_bypass_options)
  • Secure -> Policies
  • New merge request approval policy
  • Open Advanced settings
  • Click add exception button
  • Select Service accounts option
  • If you dong't have service accounts go to settings service accounts, create several and edit it adding some tokens

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #550689 (closed)

Edited by Artur Fedorov

Merge request reports