Remove duplicate policies from compliance frameworks dashboard

Huzaifa Iftikharrequested to merge
548967_fix_policy_duplicates_on_frameworks_dashboard into master

What does this MR do and why?

  1. Remove duplicate policies from compliance frameworks dashboard
  2. Closes #548967 (closed)

References

Screenshots or screen recordings

Before After
image image

How to set up and validate locally

  1. Ensure you have ultimate license
  2. Create a top level group and a subgroup within that top level group.
  3. Create a compliance framework at the top level group.
  4. Create a scan execution policy and pipeline execution policy in the sub group, this would automatically create a project named "-Security policy project". Scope these policies to the framework created at the top level group. Apply compliance framework to this project as well.
  5. Create another sub group within the top level group and create two projects inside that group. Apply the above created compliance frameworks to these projects.
  6. Navigate to each of these projects and under the secure > policies option click on "Edit policy project" and use the security policy project created in the other sub group mentioned in point 4 above.
  7. Go to the top level group and visit Secure > Compliance Center. Click on the frameworks tab and edit the framework you created earlier.
  8. Apply the following patch to update frontend locally. We are not shipping the frontend changes with this MR because of multi-version compatibility issues.
diff to update frontend 
diff --git a/ee/app/assets/javascripts/compliance_dashboard/components/frameworks_report/edit_framework/graphql/namespace_policies.query.graphql b/ee/app/assets/javascripts/compliance_dashboard/components/frameworks_report/edit_framework/graphql/namespace_policies.query.graphql
index dcf28f595f8a..62df3ad9de65 100644
--- a/ee/app/assets/javascripts/compliance_dashboard/components/frameworks_report/edit_framework/graphql/namespace_policies.query.graphql
+++ b/ee/app/assets/javascripts/compliance_dashboard/components/frameworks_report/edit_framework/graphql/namespace_policies.query.graphql
@@ -10,7 +10,11 @@ query namespacePolicies(
 ) {
   namespace(fullPath: $fullPath) {
     id
-    approvalPolicies(after: $approvalPoliciesAfter, relationship: DESCENDANT) {
+    approvalPolicies(
+      after: $approvalPoliciesAfter
+      relationship: DESCENDANT
+      deduplicatePolicies: true
+    ) {
       nodes {
         name
         yaml
@@ -37,7 +41,11 @@ query namespacePolicies(
         ...PageInfo
       }
     }
-    scanExecutionPolicies(after: $scanExecutionPoliciesAfter, relationship: DESCENDANT) {
+    scanExecutionPolicies(
+      after: $scanExecutionPoliciesAfter
+      relationship: DESCENDANT
+      deduplicatePolicies: true
+    ) {
       nodes {
         name
         yaml
@@ -53,7 +61,11 @@ query namespacePolicies(
         ...PageInfo
       }
     }
-    pipelineExecutionPolicies(after: $pipelineExecutionPoliciesAfter, relationship: DESCENDANT) {
+    pipelineExecutionPolicies(
+      after: $pipelineExecutionPoliciesAfter
+      relationship: DESCENDANT
+      deduplicatePolicies: true
+    ) {
       nodes {
         name
         yaml
@@ -72,6 +84,7 @@ query namespacePolicies(
     vulnerabilityManagementPolicies(
       after: $vulnerabilityManagementPoliciesAfter
       relationship: DESCENDANT
+      deduplicatePolicies: true
     ) {
       nodes {
         name
9. You should see that the policies count is listed as 2 and if you expand it only two policies are shown. Prior to this MR duplicates were shown hence the count would show as 6 on the current master branch. 10. Steps to reproduce are also mentioned in this comment.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Huzaifa Iftikhar

Merge request reports