Update scan policies related approval rules and rule schedules (!85744) · Merge requests · GitLab.org / GitLab

Zamir Martins requested to merge update_scan_result_policies_post_merge into master Apr 22, 2022

What does this MR do and why?

Update scan result and execution policies related approval rules as part of the post merge hook.

Shared code is also extracted from the existing worker.

Related issues: #357298 (closed), #360291 (closed) and #360293 (closed)

How to set up and validate locally

Create a policy management project
Create a scan result policy.
Merge the MR

Expected: for the projects linked to the security project to have their respective approval rules. It can be checked with the following:

> Project.find(<PROJECT_ID>).approval_rules.scan_finding

Create a scan execution policy with scheduled job.
Merge the MR.

Expected: for the projects linked to the security project to have their respective schedule jobs. It can be checked with the following:

> Project.find(<PROJECT_ID>).security_orchestration_policy_configuration.rule_schedules

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited May 05, 2022 by Zamir Martins

Update scan policies related approval rules and rule schedules

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports