Add metrics for source branch exceptions for approval policy
What does this MR do and why?
This MR adds metrics for security policy with source branch exceptions through bypass_settings
Local testing output
| Key Path | Monitored Events | Instrumentation Class | Initial Value | Current Value |
|---|---|---|---|---|
| redis_hll_counters.count_distinct_project_id_from_check_branch_exceptions_bypass_settings_for_approval_policy_monthly | check_branch_exceptions_bypass_settings_for_approval_policy | UniqueCountMetric | 1 | 1 |
| redis_hll_counters.count_distinct_project_id_from_check_branch_exceptions_bypass_settings_for_approval_policy_weekly | check_branch_exceptions_bypass_settings_for_approval_policy | UniqueCountMetric | 1 | 1 |
References
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
- Create a group or a project
- Create MR approval policy with branch exceptions:
approval_policy:
- name: Branch Bypass
description: ''
enabled: true
rules:
- type: any_merge_request
branch_type: protected
commits: any
actions:
- type: require_approval
approvals_required: 1
role_approvers:
- maintainer
- developer
- type: send_bot_message
enabled: true
approval_settings:
block_branch_modification: true
prevent_pushing_and_force_pushing: true
prevent_approval_by_author: true
prevent_approval_by_commit_author: true
remove_approvals_with_new_commit: true
require_password_to_approve: false
fallback_behavior:
fail: closed
bypass_settings:
branches:
- source:
pattern: hotfix*
target:
name: main- Before merging the MR to update the policy, listen for the events:
bundle exec rails runner scripts/internal_events/monitor.rb check_branch_exceptions_bypass_settings_for_approval_policy- Merge the MR and verify that the metric is updated
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Sashi Kumar Kumaresan