BE: Interactive validation in security policy editor
Why are we doing this work
Troubleshooting invalid security policies is currently somewhat difficult. I would be much easier if we could have interactive validation with in-line error reporting like we have on the CI / CD Editor:
We should be able to re-use its implementation with the security orchestration policy schema
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
Possible implementation references:
- https://gitlab.com/gitlab-org/gitlab/-/blob/1e7a2d16b7b67fde966aa3ca0cb510a97dd52a5b/app/assets/javascripts/editor/extensions/source_editor_ci_schema_ext.js#L5
- https://gitlab.com/gitlab-org/gitlab/-/blob/1e7a2d16b7b67fde966aa3ca0cb510a97dd52a5b/app/assets/javascripts/pipeline_editor/components/editor/text_editor.vue#L18
Implementation
-
documentation extend JSON schema for Security Policies to have rich descriptions explaining each field, -
backend Create ee/app/services/security/security_orchestration_policies/fetch_schema_service.rb
which reads the JSON schema file and returns the raw JSON. -
backend Add a schema
action toee/app/controllers/projects/security/policies_controller.rb
which returns the raw schema JSON. -
backend Update ee/config/routes/project.rb
so thatresources :policies
is able to return the schema.
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.