Add warning on project/group with invalid policy.yml file
What does this MR do and why?
This MR adds a warning banner that displays on security policy pages when a project or group has an invalid policy.yml file in their linked security policy project.
When security policies cannot be enforced due to invalid YAML syntax in the policy configuration file, users now see a clear warning message with a direct link to the problematic file, helping them quickly identify and resolve the issue.
Changes include:
- New `InvalidPolicyYamlBanner` Vue component that displays a danger alert
- Integration of the banner into the policies list header
- Backend helper updates to include policy YAML validation status and file path
- Comprehensive test coverage for both frontend and backend changes
Changelog: added
EE: true
References
Related to #562012
How to set up and validate locally
- Create or navigate to a project/group with a linked security policy project
- In the security policy project, create an invalid `policy.yml` file with malformed YAML syntax:

  ```yaml
  # Example of invalid YAML - missing closing bracket
  scan_execution_policy:
    - name: "Test Policy"
      enabled: true
      rules:
        - type: pipeline
          branches: [main
  ```

- Navigate to the project's Security & Compliance > Policies page
- Verify that the red warning banner appears with the message "Invalid policy.yml file"
- Click the "policy.yml" link in the banner to confirm it navigates to the correct file
- Fix the YAML syntax in the policy file and refresh the page to confirm the banner disappears
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Alan (Maciej) Paruszewski
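
The check behind the banner can be reproduced outside GitLab before a policy change is merged. The following is an added example, not code from this MR or from GitLab: the helper name `check_policy_yaml`, its return shape and the bare `policy.yml` path are assumptions, and the sample input is the malformed file from the validation steps above.

```ruby
require "yaml"

# Constructed sample: the malformed policy.yml from the validation steps.
INVALID_POLICY = <<~POLICY
  # Example of invalid YAML - missing closing bracket
  scan_execution_policy:
    - name: "Test Policy"
      enabled: true
      rules:
        - type: pipeline
          branches: [main
POLICY

# Constructed sample: the same file with the bracket closed.
VALID_POLICY = INVALID_POLICY.sub("[main", "[main]")

# Hypothetical helper (not GitLab's): reports whether the policy file parses,
# and where it breaks, so an unenforceable policy is caught before it is pushed.
def check_policy_yaml(content, path: "policy.yml")
  # safe_load refuses arbitrary object tags, which matters for a file that
  # anyone with write access to the policy project can edit.
  data = YAML.safe_load(content)
  unless data.is_a?(Hash)
    return { valid: false, path: path, error: "top level must be a mapping" }
  end
  { valid: true, path: path, policy_types: data.keys }
rescue Psych::SyntaxError => e
  # Malformed YAML: keep the parser's line number for the report.
  { valid: false, path: path, line: e.line, error: e.problem }
rescue Psych::Exception => e
  # Disallowed tags or aliases are treated as invalid as well.
  { valid: false, path: path, error: e.message }
end

if __FILE__ == $PROGRAM_NAME
  [INVALID_POLICY, VALID_POLICY].each do |content|
    result = check_policy_yaml(content)
    status = result[:valid] ? "OK" : "INVALID"
    puts "#{result[:path]}: #{status} #{result[:error]}".strip
  end
end
```

Run as a pre-receive or CI step in the policy project, a non-zero exit on `valid: false` stops the broken file from reaching the default branch.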

