Skip to content

Draft: Update query tokens for policy violation filtering

Alexander Turinskerequested to merge
549786-add-policy-violation-filtering-to-query into master

What does this MR do and why?

Update query tokens for policy violation filtering

Changelog: added

EE: true

References

Screenshots or screen recordings

Scenario Screenshot
Without feature flag
Without elastic search image
With elastic search

How to set up and validate locally

How to set up and validate locally

Elasticsearch Setup

  1. Enable the Elasticsearch in GDK
gdk config set elasticsearch.enabled true
gdk reconfigure
gdk start elasticsearch

Simulate SAAS mode

  1. add export GITLAB_SIMULATE_SAAS=1 to env.runit
  2. Restart the gdk
gdk kill && gdk start

Dismiss a security finding blocked by a security policy

  1. Enable the advanced_vulnerability_management and security_policy_approval_warn_mode feature flags in http://gdk.test:3000/rails/features
  2. Import the security-reports project.
  3. Run a new pipeline on the default branch to create vulnerabilities
  4. Go to Secure > Policies and create a Merge Request Approval policy
  5. Create an MR editing the README file
  6. Create a record of Security::PolicyDismissal to simulate a bypassed/dismissed policy
Security::PolicyDismissal.create(project: Project.second_to_last, merge_request: MergeRequest.last, security_policy: Security::Policy.last, user: User.first, dismissal_reason: 0, security_findings_uuids: ["84c1832e-294d-59f0-b3ff-b4414cc86c70"])
  1. Checkout Filter vulnerabilities dismissed by security po... (!202622)
  2. Cherry pick this MR onto that
  3. Navigate to a project/group => Secure => Vulnerability Report => Filter by "Dismissed in MR"
  4. Verify only the new vulnerabilities appear

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #549786

Edited by Alexander Turinske

Merge request reports