Allow merge when rules are invalid for security policy project
requested to merge 410456-create-an-exception-to-invalid-rules-for-security-policy-projects into master
What does this MR do and why?
This MR changes the behavior for invalid security policy rules and allows merging invalid security policy rules if the project is a security policy project.
Screenshots or screen recordings
Before
After:
Security policy projects get auto-approved:
Normal projects still fail-close:
How to set up and validate locally
- Create a group
- Create a group scan result policy (for example, one requiring SAST scanners) that is invalid because it requires more approvals than there are eligible approvers, and merge it
- Make sure to invite the user whose approval is required directly into the group
- Edit the policy, fix the number of required approvals
- The MR for the security policy project should not be blocked due to the invalid rule, and it should be auto-approved.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #410456 (closed)
Edited by Martin Čavoj