Skip to content

Add schema validation for approvals_required

What does this MR do and why?

This MR adds schema validation for approvals_required. There is already a model validation for approval rules, so by adding this validation into the schema, we can prevent situations where no merge request approval rules are created because the value is > 100 and thus not in line with the model validations.

Screenshots or screen recordings

CleanShot_2023-06-27_at_18.16.34_2x

How to set up and validate locally

  1. Go to Secure -> Policies
  2. Create a new scan result policy. You can switch to the .yaml mode and use the following:
type: scan_result_policy
name: Approvals
description: ''
enabled: true
rules:
  - type: scan_finding
    branches: []
    scanners:
      - secret_detection
    vulnerabilities_allowed: 0
    severity_levels:
      - critical
      - high
    vulnerability_states:
      - new_needs_triage
      - new_dismissed
actions:
  - type: require_approval
    approvals_required: 101
    user_approvers_ids:
      - 4
  1. There should be a validation error for approvals_required, as can be seen on the screenshot

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #409469 (closed)

Merge request reports

Loading