Move Security policy bot creation to service class (!120122) · Merge requests · GitLab.org / GitLab

Andy Schoenen requested to merge andysoiron/refactor-security-orchestration-create-bot-worker into master May 09, 2023

What does this MR do and why?

I'm planning to add bot users in a backfill migration. In order to re-use the worker code, this MR moves it into a service class and adds some improvements along the way:

It raises an error if the configuration has no project
It checks if current user has permission to add project members
User creation, project member creation and updating config is now in a transaction

The feature that is using the worker is behind the scan_execution_bot_users feature flag and not enabled.

Related to #394958 (closed)

How to set up and validate locally

Use the set up and validate locally instructions from !118089 (merged). There should be no logical change.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Move Security policy bot creation to service class

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports