Add vulnerability_states for scan_result_policies
What does this MR do and why?
Add vulnerability_states for scan_result_policies as it was done by Vulnerability-Check.
This feature is behind a feature flag (disabled by default) so there is not a concern with migrating existing data.
Related epic: &6604 (closed)
Example of yaml:
scan_result_policy:
- name: critical vulnerability CS approvals
description: critical severity level only for container scanning
enabled: true
rules:
- type: scan_finding
branches:
- master
scanners:
- container_scanning
vulnerabilities_allowed: 1
severity_levels:
- critical
vulnerability_states:
- detected
- confirmed
actions:
- type: require_approval
approvals_required: 1
approvers:
- adalberto.dare
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Zamir Martins