Disable "Update via merge request" button when no policy changes detected

Alan (Maciej) Paruszewskirequested to merge
duo-edit-20260112-141152 into master

Summary

Fixes #570140 (closed)

This change prevents empty merge requests from being created when editing security policies without making actual changes to the YAML configuration.

Problem

When updating certain UI fields in the scan execution policy editor (such as "Conditions > Schedules > Run for"), the system creates a merge request even though no actual changes are made to the underlying policy YAML configuration. This results in:

  • Unnecessary MRs cluttering project history
  • Confusion for team members reviewing empty MRs
  • Workflow disruption requiring manual cleanup
  • Audit trail pollution

Solution

The "Update via merge request" button is now disabled when editing a policy with no actual changes to the YAML configuration. A tooltip "No changes to policy configuration" is displayed on hover to explain why the button is disabled.

Changes

1. Utility Function (utils.js)

  • Added areYamlContentsEqual() function that compares two YAML strings by normalizing whitespace
  • Normalizes by trimming and collapsing all whitespace sequences to single spaces
  • Note: This is a simple comparison that may not detect all meaningful YAML changes, as it doesn't preserve structural differences (indentation, newlines)

2. Editor Layout Component (editor_layout.vue)

  • Stores originalYamlEditorValue in component data when initialized
  • Added three new computed properties:
    • hasChanges: Determines if the policy has been modified by comparing current YAML to original
    • saveButtonDisabled: Disables button when editing with no changes
    • saveButtonTooltip: Shows tooltip when button is disabled
  • Updated i18n with new tooltip message
  • Wrapped save button in tooltip wrapper with conditional disable state

3. Tests

  • Added comprehensive test suite for areYamlContentsEqual() utility
  • Added tests for save button state when editing policies
  • Tests verify button is disabled/enabled based on change detection

Behavior

When Creating a New Policy

  • Save button is enabled (no changes check applies only to editing)
  • hasChanges always returns true

When Editing an Existing Policy

  • No changes made: Button is disabled with tooltip "No changes to policy configuration"
  • Changes made: Button is enabled and user can create merge request
  • Comparison is done by normalizing whitespace in YAML strings

Applies To

This change affects the generic policy editor layout component used by:

  • Scan Execution Policies
  • Scan Result Policies

Testing

Run the following to verify:

# Test the utility function
yarn jest ee/spec/frontend/security_orchestration/components/policy_editor/utils_spec.js -t "areYamlContentsEqual"

# Test the editor layout component
yarn jest ee/spec/frontend/security_orchestration/components/policy_editor/editor_layout_spec.js -t "save button state when editing"

Backward Compatibility

No breaking changes Existing functionality preserved Only adds new validation for editing workflows Creating new policies unaffected

Known Limitations

The YAML comparison normalizes all whitespace to single spaces, which means:

  • It may not detect changes that only affect YAML structure (indentation changes)
  • It treats newlines the same as spaces
  • For most practical use cases (editing via UI), this should be sufficient as UI changes typically modify actual content values
Edited by Alan (Maciej) Paruszewski

Merge request reports