FE: Update security policies drawer for scan execution policy with agents/namespaces
Why are we doing this work
- for scan execution policies with branches, the
Summary
of the policy drawer lists out all the branches in a readable way - for scan execution policies with agents or namespaces (as defined in the docs: Add agents to Scan Execution Policies documenta... (!96148 - merged)), the agents and namespaces are not listed out in a human-readable way in the policy drawer
- users want to see their scan execution policy yaml containing agents and namespaces in a more readable way
Relevant links
Sample Yaml
type: scan_execution_policy
name: Enforce CIS
description: This policy is great!
enabled: true
rules:
- type: schedule
cadence: 0 * * * *
agents:
cis-agent:
namespaces:
- production
- type: schedule
agents:
staging-agent:
namespaces:
- staging
cadence: 0 * * * *
actions:
- scan: container_scanning
- scan: sast
Related to #346188 (closed)
Implementation plan
-
frontend update policy_drawer/scan_execution_policy.vue to show the agents
andnamespaces
Scans to be performed by the XXX agent for all namespaces every hour, every day.
Scans to be performed by the XXX agent for the XXX namespaces every hour, every day.
Verification steps
- Navigate to a project => Security & Compliance => Policies => New policy => Scan execution policy => yaml mode
- Enter in the above yaml and merge the MR
- Navigate to the project => Security & Compliance => Policies => Select the new policy
- View the drawer
Edited by Alan (Maciej) Paruszewski