Skip to content

Update policy drawer for csp policies

Alexander Turinskerequested to merge
552270-update-policy-drawer-for-csp into master

What does this MR do and why?

Update policy drawer for csp policies

  • update source for csp policies
  • update source for inherited csp policies

Changelog: changed

EE: true

References

Screenshots or screen recordings

Scenario Screenshot
Project policy project_policy
Group policy group_policy
Instance policy Screenshot_2025-07-02_at_15.36.48
Instance policy in CSP group Screenshot_2025-07-02_at_15.36.58

How to set up and validate locally

  1. Upload a GitLab Ultimate license
  2. Go to http://gdk.test:3443/rails/features and enable the security_policies_csp feature flag
  3. Navigate to Admin => Settings => Security and compliance
  4. Set the CSP group
  5. Navigate to CSP group => Secure => Policies => New policy => Scan execution => Create a new policy
  6. Navigate to CSP group => Secure => Policies => Select the new policy
  7. Verify the policy source says instance policy
  8. Navigate to a different group/project => Secure => Policies => Select the inherited policy
  9. Verify the policy source says it is an instance policy that is inherited

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #552270 (closed)

Edited by Alexander Turinske

Merge request reports