Add yaml validation for scan result policies

What does this MR do and why?

Add yaml validation for scan result policies

  • generalize current yaml validation
  • update tests

Changelog: changed

EE: true

Screenshots or screen recordings

| Policy Type | Screenshot |
| --- | --- |
| project scan execution | project_sep_validation |
| group scan execution | group_sep_validation |
| project scan result | project_srp_validation |
| group scan result | group_srp_validation |
| non existent | forced_error_-_no_validation |

No validation example shown with the following patch

diff --git a/ee/app/assets/javascripts/security_orchestration/components/utils.js b/ee/app/assets/javascripts/security_orchestration/components/utils.js
index ad2255bd3f4c..1f6a055f0d13 100644
--- a/ee/app/assets/javascripts/security_orchestration/components/utils.js
+++ b/ee/app/assets/javascripts/security_orchestration/components/utils.js
@@ -44,7 +44,7 @@ export const getSinglePolicySchema = async ({ namespacePath, namespaceType, poli
           description: 'Specifies the type of policy to be enforced.',
           enum: policyType,
         },
-        ...schemaForMultiplePolicies.properties[policyType].items.properties,
+        ...schemaForMultiplePolicies.properties['a'].items.properties,
       },
     };
   } catch {
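Review bot: the bare `catch {` closing this hunk discards the exception, so the TypeError raised by `schemaForMultiplePolicies.properties['a'].items.properties` when the key is missing leaves no trace, and per the "non existent" screenshot row the editor then runs with no validation. That is fine for a local demonstration patch, which should not be committed, but it shows that any `policyType` absent from the multi-policy schema takes the same silent path in the original `properties[policyType]` line. Consider checking that `schemaForMultiplePolicies.properties[policyType]` exists before spreading it, and surfacing a warning in the catch branch, so a schema key mismatch does not quietly disable validation for a security policy.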

How to set up and validate locally

  1. Navigate to a project => Security & Compliance => Policies => New policy => Scan Result policy => yaml mode (example gdk url)
  2. Verify yaml validation
  3. Navigate to a project => Security & Compliance => Policies => New policy => Scan Execution policy => yaml mode (example gdk url)
  4. Verify yaml validation
  5. Navigate to a group => Security & Compliance => Policies => New policy => Scan Result policy => yaml mode (example gdk url)
  6. Verify yaml validation
  7. Navigate to a group => Security & Compliance => Policies => New policy => Scan Execution policy => yaml mode (example gdk url)
  8. Verify yaml validation

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #393435 (closed)

Edited by Alexander Turinske
