Release notes

Problem to solve

As an application security analyst, I want to easily edit my policies in a UI experience rather than writing the policy in yaml, because I may not be familiar with yaml.

Intended users

• Cameron (Compliance Manager)
• Devon (DevOps Engineer)
• Sidney (Systems Administrator)
• Alex (Security Operations Engineer)

In smaller organizations:

• Delaney (Development Team Lead)
• Sasha (Software Developer)

User experience goal

Proposal

Note: This is a minimal MVC and is intended to allow us to be iterative and release quickly. Please reference the Security Orchestration direction page for plans to improve this capability in the future.

Users will be able to view, create, edit, and delete Scan Execution type policies as described in the prototype including creating/editing in rule mode.

Further details

Permissions and Security

Permissions will not change as part of this epic.

Documentation

• Documentation will be updated to describe how to use rule mode for Scan Execution type policies.

Availability & Testing

What does success look like, and how can we measure that?

Users can create a Scan Execution policy at the project and group levels using the rule mode editor

Prototype

Clone this repository and locally open create.html to view a prototype. **NOTE: The specific designs of the prototype are out-of-date; proceed with the design seen for scan result policies

What is the type of buyer?

Is this a cross-stage feature?

Links / references

Policies handbook page

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.