Add timezone context for scheduled pipeline action
Description
As a user creates a scan execution policy with a scheduled pipeline, it isn't clear what timezone the rule is being configured with (without following the documentation closely).
- For
agent
policies it uses the system-time of the Kubernetes-agent pod. - For
schedule
policies it uses the server timezone, which is UTC for GitLab.com but could be a different timezone for self managed instances. - In all other cases, I believe it's UTC.
In the UI and YAML, we do not provide additional clarity.
Design
Before | After |
---|---|
Tooltip text:
GitLab.com's timezone
<GitLab host>'s timezone
Kubernetes agent's timezone
Sentence text:
I like having the IF portion of the policy phrased as a sentence. Adding just a few words or phrases to link the fields makes the result more human-readable.
To achieve that, we need to add just one more word to the phrases I suggested earlier: at
-
on GitLab.com at
on <GitLab host's name> at
on the Kubernetes agent pod at
For each option, the phrase will read: on <location> at <time>
Implementation
For the UI:
- Add a tooltip over the dropdown with additional context
- Not a separate icon as the below diff suggests
- Check if
.com
to showGitLab.com
, otherwise either get hostname
Incomplete patch
diff --git a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_execution_policy/schedule_rule_component.vue b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_execution_policy/schedule_rule_component.vue
index d76696d58698..4724b7c18ce6 100644
--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_execution_policy/schedule_rule_component.vue
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_execution_policy/schedule_rule_component.vue
@@ -1,5 +1,11 @@
<script>
-import { GlFormInput, GlSprintf, GlCollapsibleListbox } from '@gitlab/ui';
+import {
+ GlFormInput,
+ GlIcon,
+ GlSprintf,
+ GlCollapsibleListbox,
+ GlTooltipDirective as GlTooltip,
+} from '@gitlab/ui';
import { s__ } from '~/locale';
import { slugify, slugifyToArray } from '../utils';
import {
@@ -37,14 +43,24 @@ export default {
selectedAgentsPlaceholder: s__('ScanExecutionPolicy|Select agent'),
selectedNamespacesPlaceholder: s__('ScanExecutionPolicy|Select namespaces'),
namespaceLabel: s__('ScanExecutionPolicy|in namespaces'),
+ agentTime: s__(
+ 'ScanExecutionPolicy|The timezone is that of the system-time of the Kubernetes-agent pod',
+ ),
+ scheduleTime: s__(
+ 'ScanExecutionPolicy|The timezone is that of the server (e.g. UTC for GitLab.com)',
+ ),
},
name: 'ScheduleRuleComponent',
components: {
BaseRuleComponent,
GlFormInput,
+ GlIcon,
GlCollapsibleListbox,
GlSprintf,
},
+ directives: {
+ GlTooltip,
+ },
props: {
initRule: {
type: Object,
@@ -88,6 +104,9 @@ export default {
selectedPeriodText() {
return SCAN_EXECUTION_RULE_PERIOD_TYPE[this.selectedPeriod];
},
+ timezoneText() {
+ return this.isBranchScope ? this.$options.i18n.scheduleTime : this.$options.i18n.agentTime;
+ },
},
methods: {
convertToListboxItems(items) {
@@ -243,6 +262,12 @@ export default {
:selected="selectedTimeIndex"
@select="setTimeSelected"
/>
+ <gl-icon
+ v-gl-tooltip
+ name="question-o"
+ :title="timezoneText"
+ class="gl-text-blue-600"
+ />
</template>
</gl-sprintf>
</div>
- Update dropdown
- add header describing context
- add UTC to time
- Add a default comment in the YAML:
cadence: 0 * * * * # timezone differs based on policy, see documentation for details
Future Implementation
- Add timezone dropdown picker similar to Dast On-demand scans.
- add
timezone
schema value and test for presence
Incomplete backend patch
diff --git a/ee/app/models/security/orchestration_policy_rule_schedule.rb b/ee/app/models/security/orchestration_policy_rule_schedule.rb
--- a/ee/app/models/security/orchestration_policy_rule_schedule.rb (revision 54a0c5ff7762aa2ebeeed7f93fa21204f1874c6d)
+++ b/ee/app/models/security/orchestration_policy_rule_schedule.rb (date 1682967903482)
@@ -56,7 +56,7 @@
end
def cron_timezone
- Time.zone.name
+ (policy&.dig(:timezone).presence || Time.zone.name)
end
def worker_cron_expression
Edited by Alexander Turinske