<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=558362) </details> <!--IssueSummary end--> ## Summary Build a dashboard to provide visibility into scheduled pipeline execution policies. This dashboard will surface data about upcoming, in-progress, and completed scheduled pipeline runs across policies, enabling users to monitor, troubleshoot, and manage their scheduled enforcement at scale. ## Background With the `security_policy_schedule_pipelines` join table ([!229986](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/229986)), we now have the data foundation to build visibility into scheduled pipeline execution policies. Today, the only way to see when scheduled pipelines will run is through Sidekiq monitoring, which is not accessible to most users. A [POC dashboard](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/237218) was built to validate the concept, showing upcoming and recent pipelines for a single policy. The team agreed that the dashboard should be broader, covering all policies rather than being tied to a single one. ## User needs Based on [team discussion](https://gitlab.com/gitlab-org/gitlab/-/work_items/558362#note_3371838359), users need to answer: 1. **Are my schedules succeeding?** Do I need to investigate failures and improve my configuration? 2. **What is currently running?** If there are performance issues, users need to understand what schedules are active and be able to pause/cancel/resume them. 3. **What ran in the past?** For troubleshooting, investigations, and operational audit trails. Users need to quickly determine if scheduled jobs (e.g. security scans) ran as expected. ## Proposed approach #### Phase 1: APIs Build GraphQL APIs to expose scheduled pipeline data before making UI decisions. This lets users consume the data and helps gather feedback on what information is most valuable. - **Recent pipelines API**: Already available via the `security_policy_schedule_pipelines` join table ([!233385](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/233385)) - **Upcoming pipelines API**: [#600939](https://gitlab.com/gitlab-org/gitlab/-/work_items/600939) (in progress, [!238114](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/238114)) #### Phase 2: Dashboard UI Build a dashboard that aggregates data across all scheduled pipeline execution policies. Key design considerations from the discussion: - **Aggregated view first**: Show a list of all scheduled PEP policies with aggregated statistics (success rates, average duration, etc.) - **Drill-down capability**: Click/expand a policy to see upcoming runs across projects, or view historical runs with filtering by execution sequence and project - **Batch-level visibility**: Show status at the batch level, e.g.: - A scheduled run is about to kick off for `policy-1` targeting 2000 projects - A scheduled run is in progress for `policy-2` targeting 50 projects - A scheduled run completed for `policy-3`: applied to 99/100 projects (1 failed) - **Last run indicator**: Show when the last run of a schedule will complete, to give users an idea of when scheduled pipelines will finish - **Cross-policy-type potential**: Consider whether the dashboard can aggregate status data across all policy types, not just scheduled PEP (per product feedback) #### Authorization Scheduled pipelines belong to the security policy bot of individual projects. The dashboard must handle authorization carefully: - Show only aggregated data and details for projects where the viewing user has access - Hide pipeline details from projects the user cannot access - Long-term: explore broader permissions for policy authors/managers to view data across their organization's groups/projects without needing individual project access ## Related work - API for upcoming scheduled runs: [#600939](https://gitlab.com/gitlab-org/gitlab/-/work_items/600939) - POC dashboard MR: [!237218](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/237218) - Optimize schedule distribution: [#558365](https://gitlab.com/gitlab-org/gitlab/-/issues/558365) - Stop/snooze/cancel API: [#560629](https://gitlab.com/gitlab-org/gitlab/-/work_items/560629) - Feature request for schedule conditions: [#582316](https://gitlab.com/gitlab-org/gitlab/-/work_items/582316) - [UI mockup concept](https://gitlab.com/gitlab-org/gitlab/-/work_items/558362#note_3383635454) by @alan