
Add policy name to ScanExecutionPolicyCommit mutation

Sashi Kumar Kumaresan requested to merge sk/339794-update-policy-name-be into master

What does this MR do and why?

Addresses #339794 (closed)

This MR adds a new argument `name` to the ScanExecutionPolicyCommit mutation. Since we do not have a reference to a policy in the YAML file in the policy project, the name of the policy is considered a unique identifier. But if the name of the policy needs to be updated, the old name has to be mentioned explicitly to make it work.

Screenshots or screen recordings

Update policy name:

Screenshot_2021-10-08_at_2.32.54_PM

Different name while creating policy:

Screenshot_2021-10-08_at_2.34.27_PM

How to set up and validate locally

Policy
scan_execution_policy:
- name: Policy
  description: This policy enforces pipeline configuration to have a job with secret detection scan
  enabled: true
  rules:
  - type: pipeline
    branches:
    - master
  actions:
  - scan: secret_detection
  • Go to GraphQL explorer and execute the mutation:
Mutation
mutation createPolicy{
  scanExecutionPolicyCommit(input:{
    projectPath:"root/security-test",
    operationMode:REPLACE,
    name: "New Policy"
    policyYaml: "name: Policy\ntype: scan_execution_policy\ndescription: This policy enforces pipeline configuration to have a job with secret detection scan\nenabled: true\nrules:\n- type: pipeline\n  branches: \n    - master\nactions:\n- scan: secret_detection"
  }) {
    clientMutationId
    branch
    errors
  }
} 

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Sashi Kumar Kumaresan
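
The lookup problem described above, as an added sketch that is not code from this MR or from GitLab: when the policy name is the only identifier, a rename has to pass the old name so that REPLACE can find the entry. `commit_policy`, `PolicyError` and the error strings are hypothetical, and the sample data is constructed from the policy shown on this page.

```ruby
require 'yaml'

# Hypothetical model of a policy file keyed by name; not GitLab's implementation.
class PolicyError < StandardError; end

# policies: entries under scan_execution_policy in the policy file
# policy:   hash parsed from the submitted policy YAML
# name:     name of the existing entry to act on; falls back to policy['name']
def commit_policy(policies, policy, mode:, name: nil)
  lookup = name || policy['name']
  index = policies.index { |p| p['name'] == lookup }

  case mode
  when :append
    # A new entry has no old name, so a differing name argument is a mistake.
    raise PolicyError, 'name does not match the policy YAML' if lookup != policy['name']
    raise PolicyError, "policy '#{lookup}' already exists" if index
    policies + [policy]
  when :replace
    raise PolicyError, "policy '#{lookup}' not found" unless index
    # Renaming must not collide with another entry, or names stop being unique.
    taken = policies.each_with_index.any? { |p, i| i != index && p['name'] == policy['name'] }
    raise PolicyError, "policy '#{policy['name']}' already exists" if taken
    policies.dup.tap { |list| list[index] = policy }
  else
    raise ArgumentError, "unsupported mode #{mode}"
  end
end

# Constructed sample: the policy file from this page and a renamed copy of its entry.
EXISTING = YAML.safe_load(<<~YML)['scan_execution_policy']
  scan_execution_policy:
  - name: Policy
    enabled: true
    rules:
    - type: pipeline
      branches:
      - master
    actions:
    - scan: secret_detection
YML
RENAMED = EXISTING.first.merge('name' => 'New Policy')

# Passing the old name lets REPLACE find the entry and swap it in place.
updated = commit_policy(EXISTING, RENAMED, mode: :replace, name: 'Policy')
puts updated.map { |p| p['name'] }.inspect
```

Without the `name` argument the same REPLACE looks up "New Policy", finds nothing, and the secret detection policy is left under its old name.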
