BE - [License Approvals] - Add relationship between Software License Policy and Security Policy Project Configuration
Why are we doing this work
Currently Software License Policies are created manually in Security & Compliance
-> License Compliance
-> Policies
page and are not related to Security Policy Project. To successfully perform deleting of related policies we need to add optional relationship to Security Policy Project Configuration in database so we can easily remove it when Policy Project is unassigned or deleted.
We want to currently work on this feature behind existing feature flag (license_scanning_policies
), so policy will be only processed when this feature flag is enabled for the project.
Relevant links
Related issue with proposed format Epic
Non-functional requirements
-
Documentation: documentation should be updated with new type of Scan Result Policies after this feature is available for users. - [-] Feature flag:
- [-] Performance:
-
Testing:
Implementation plan
-
database add new column security_orchestration_policy_configuration_id
bigint
tosoftware_license_policies
and index and foreign key to delete ON CASCADE when entry fromsecurity_orchestration_policy_configurations
is removed, -
backend update SoftwareLicensePolicies::CreateService
to acceptsecurity_orchestration_policy_configuration_id
and store it in the model,
Verification steps
-
Check if software license policies are removed when security policy project is unassigned or deleted, -
Check if software license policies are updated when policy is updated with new licenses,
Edited by Alan (Maciej) Paruszewski