Perform job with delay for scan result policies approval rules sync
What does this MR do and why?
Invoke SyncScanResultPoliciesProjectService
with a delay of 1 minute when a protected branch is created or destroyed.
See related context discussion: #409047 (comment 1372222803)
We query for protected branches in
Security::SecurityOrchestrationPolicies::ProcessScanResultPolicyService
and do try to persist inApprovalRules::Updater
After rollout we should observed these errors https://log.gprd.gitlab.net/goto/36960640-043a-11ee-8afc-c9851e4645c0
How to set up and validate locally
- Create a Simple scan result policy like
scan_result_policy:
- name: License Policy 1
description: ''
enabled: true
actions:
- type: require_approval
approvals_required: 1
users_approvers_ids:
- 1
rules:
- type: license_finding
branches: []
match_on_inclusion: true
license_types:
- GNU General Public License v3.0 or later
license_states:
- newly_detected
- Create a new protected branch which invokes
Security::ProcessScanResultPolicyWorker
and we should observe the job invocation for ProcessScanResultPolicyWorker happens after a minute in log/Sidekiq.log.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #409047 (closed)
Edited by Bala Kumar