Skip to content

Add branch_type validations

Martin Čavoj requested to merge 404777-add-branch_type-validations into master

What does this MR do and why?

This MR adds validation for the new branch_type that we're adding in &9468 (closed).

The validation is only applied when the feature flag security_policies_branch_type is enabled.

Screenshots or screen recordings

CleanShot_2023-06-01_at_09.23.12_2x

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. In rails console enable the feature flag
    Feature.enable(:security_policies_branch_type)
  2. Go to Settings -> Repository -> Protected branches and unprotect the main branch
  3. Add a new scan execution policy with the following yaml:
    type: scan_execution_policy
    name: Pipeline / Protected Branches / Secret Detection
    description: ''
    enabled: true
    rules:
      - type: pipeline
        branch_type: protected
    actions:
      - scan: secret_detection
  4. Clicking on Configure with a merge request should give an error Branch types don't match any existing branches.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #404777 (closed)

Edited by Martin Čavoj

Merge request reports

Loading