Use individual feature flags for bypass settings

Sashi Kumar Kumaresanrequested to merge
sk/549644-fix-ff-check into master

What does this MR do and why?

Currently, we have these feature flags for introducing bypass settings (&14090 (closed)):

But in the frontend we are using security_policies_bypass_options to render the bypass settings. This MR breaks it down to use individual feature flags for each of the setting type.

References

Screenshots or screen recordings

With approval_policy_branch_exceptions

Screenshot_2025-07-10_at_3.08.48_PM

With approval_policy_branch_exceptions & security_policies_bypass_options_tokens_accounts

Screenshot_2025-07-10_at_3.09.45_PM

With security_policies_bypass_options_tokens_accounts only

Screenshot_2025-07-10_at_3.11.05_PM

How to set up and validate locally

  • Disable security_policies_bypass_options FF and go to Secure -> Policies -> New Policy -> MR approval policy -> Advanced and notice that the policy bypass section is not visible
  • Enable approval_policy_branch_exceptions FF and notice that the policy bypass section is visible and only the branch exceptions are visible in the modal
  • Enable security_policies_bypass_options_tokens_accounts FF and notice that the policy bypass section is visible and only the access tokens and service accounts exceptions are visible in the modal

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Sashi Kumar Kumaresan

Merge request reports