Add new states to ApprovalProjectRule vulnerability_states validation
What does this MR do and why?
During the validation of issue !397057, we realized that approval project rules for the new states added in MR !117394 were not being created.
The error happened because this validation prevented project rules with the states from being created.
This MR adds the new states to ApprovalProjectRule's validation of allowed vulnerability_states.
Related to #397057 (closed)
How to set up and validate locally
- Create a new project
- Go to /-/security/policies.
- Click on New Policy.
- Select Scan result policy.
- Change to yaml mode and copy one of the yaml policies below
```yaml
type: scan_result_policy
name: Test new_needs_triage
description: ''
enabled: true
rules:
  - type: scan_finding
    branches: []
    scanners: []
    vulnerabilities_allowed: 0
    severity_levels:
      - critical
      - high
      - medium
      - low
      - unknown
      - info
    vulnerability_states:
      - new_needs_triage
actions:
  - type: require_approval
    approvals_required: 1
    user_approvers_ids:
      - 1
```
- Click on Configure with a merge request.
- Merge the new MR.
- Add a `.gitlab-ci.yml` with the content
```yaml
include:
  - template: Jobs/SAST.gitlab-ci.yml
test-job:
  script:
    - echo "Test Job..."
```
- Go to the project overview page
- Click on Web IDE
- Add a new ruby script file with the code
```ruby
class Generic
  def run_on_system
    system("cat #{params[:path]}")
  end
end
```
- Click on Commit & Push
- Click on Yes commit to a new branch
- Choose a branch name or accept the default one
- Click on Create MR
- Verify that MR contains the approval rule added in step 5.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by Bala Kumar
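The failure described above (a policy is accepted, but its approval rule is never created because a second allow-list rejects the state) can be caught with a drift check. This is an added example, not code from this MR or from GitLab; the two allow-lists, the sample policy and the helper names `rejected_rules` and `allow_list_drift` are assumptions made for illustration.

```ruby
require "yaml"

# Hypothetical allow-lists, not GitLab's actual constants.
# POLICY_STATES: states the policy layer accepts.
# RULE_STATES: states the approval-rule validation accepts; it lacks the
# new state named on this page, which reproduces the pre-fix mismatch.
POLICY_STATES = %w[newly_detected detected confirmed resolved dismissed new_needs_triage].freeze
RULE_STATES   = %w[newly_detected detected confirmed resolved dismissed].freeze

# Constructed policy with the same shape as the one in the validation steps.
SAMPLE_POLICY = <<~YAML
  type: scan_result_policy
  name: Test new_needs_triage
  enabled: true
  rules:
    - type: scan_finding
      vulnerabilities_allowed: 0
      vulnerability_states:
        - new_needs_triage
        - detected
  actions:
    - type: require_approval
      approvals_required: 1
YAML

# Returns one entry per scan_finding rule that would not become an approval rule.
# :unknown states fail the policy check (visible error); :dropped states pass it
# and then fail rule validation, so the approval requirement silently disappears.
def rejected_rules(policy_yaml, policy_states: POLICY_STATES, rule_states: RULE_STATES)
  policy = YAML.safe_load(policy_yaml)
  Array(policy["rules"]).each_with_index.filter_map do |rule, index|
    next unless rule["type"] == "scan_finding"
    states  = Array(rule["vulnerability_states"])
    unknown = states - policy_states
    dropped = states - unknown - rule_states
    next if unknown.empty? && dropped.empty?
    { rule: index, unknown: unknown, dropped: dropped }
  end
end

# States accepted by the policy layer but not by rule validation.
# A regression test should pin this to an empty list.
def allow_list_drift(policy_states: POLICY_STATES, rule_states: RULE_STATES)
  policy_states - rule_states
end

if __FILE__ == $PROGRAM_NAME
  puts rejected_rules(SAMPLE_POLICY).inspect
  puts allow_list_drift.inspect
end
```

Passing `rule_states: POLICY_STATES` models the state after the fix, where both layers agree and no rule is dropped.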