Unable to convert from yaml mode to rule mode for this valid policy yaml
Summary
While this is a rather complex policy, it's what is generated from the UI, but it's not possible to paste into yaml mode and toggle back to UI mode.
```yaml
type: scan_result_policy
name: Block DS Vulnerabilities (Reduced Noise)
description: >-
  - Block MRs with Critical severity vulns
  - Set an SLA of 30 days for High severity vulns
  - Set an SLA of 60 days for Medium severity vulns
  - Ignore false positives and dependency scanning findings with no fix
  available
enabled: true
rules:
  - type: scan_finding
    scanners:
      - dependency_scanning
    vulnerabilities_allowed: 0
    severity_levels:
      - critical
    vulnerability_states: []
    branch_type: default
    vulnerability_attributes:
      false_positive: false
      fix_available: false
  - type: scan_finding
    scanners:
      - dependency_scanning
    vulnerabilities_allowed: 0
    severity_levels:
      - high
    vulnerability_states:
      - detected
      - confirmed
      - dismissed
      - resolved
    branch_type: default
    vulnerability_age:
      operator: greater_than
      value: 30
      interval: day
    vulnerability_attributes:
      fix_available: false
      false_positive: false
  - type: scan_finding
    scanners:
      - dependency_scanning
    vulnerabilities_allowed: 0
    severity_levels:
      - medium
    vulnerability_states:
      - detected
      - confirmed
      - dismissed
      - resolved
    branch_type: default
    vulnerability_age:
      operator: greater_than
      value: 60
      interval: day
    vulnerability_attributes:
      fix_available: false
      false_positive: false
actions:
  - type: require_approval
    approvals_required: 1
    role_approvers:
      - developer
      - maintainer
      - owner
```
Steps to reproduce
Example Project
What is the current bug behavior?
What is the expected correct behavior?
Relevant logs and/or screenshots