Add humanize support for branch types for security policies
What does this MR do and why?
Add humanize support for branch types for security policies
- Add humanize support for branch types
- branch types are now supported for humanized messages for scan result policy
- add no rule message for invalid branch types
- make humanize code similar for future consolidation
Changelog: added
EE: true
What does this MR not do and why?
- it does not abstract out some of the `humanize` methods because our file structure is not set up for this...yet. There are plans to look into it with #417691 (comment 1469201036)
Screenshots or screen recordings
Policy Type | yaml | Before | After
---|---|---|---
Scan Execution | `type: pipeline, branch_type: all` | - | Every time a pipeline runs for any branch
Scan Execution | `type: pipeline, branches: ["*"]` | on every pipeline on the * branch | Every time a pipeline runs for the * branch
Scan Execution | `type: pipeline, branches: [production, staging, release/*]` | on every pipeline on the production, staging and release/* branches | Every time a pipeline runs for the production, staging and release/* branches
Scan Execution | `type: pipeline, branch_type: protected` | - | Every time a pipeline runs for any protected branch
Scan Execution | `type: schedule, cadence: 0 0 * * *, branch_type: default` | - | at 12:00 am, every day on the default branch
Scan Result | `branch_type: protected` | - | When Container Scanning scanner finds more than 5 vulnerabilities in an open merge request targeting any protected branch and all the following apply:
Scan Result | `branch_type: default` | - | When license scanner finds any license matching MIT License that is newly detected and is in an open merge request targeting the default branch.
Scan Result | `branches: spooky-stuff` | When license scanner finds any license except Apache License 2.0 that is pre-existing and is in an open merge request targeting the spooky-stuff branch. | No change
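The "After" column above doubles as a specification for the branch part of the humanized message. The block below is an added example written for this page, not code from the GitLab merge request; the names `BRANCH_TYPE_MESSAGES`, `NO_RULE_MESSAGE`, `humanizeBranches`, `humanizeScanExecutionRule` and `humanizeScanResultTarget` are assumptions, as are the exact wording of the no-rule message and the choice to treat an empty `branches` list as invalid. It covers `pipeline` scan execution rules and the merge-request target phrase of scan result rules; the cron cadence of `schedule` rules is not humanized here.

```javascript
// Added example, not GitLab's own code. Humanizes the branch portion of a
// security policy rule so that it reads like the "After" column of the
// table in the MR description. All identifiers here are assumptions.

// Messages for the known branch_type values (constructed from the table).
const BRANCH_TYPE_MESSAGES = {
  all: 'any branch',
  protected: 'any protected branch',
  default: 'the default branch',
};

// Shown when a rule names a branch_type the humanizer does not know,
// so that an invalid rule is never rendered as if it matched something.
const NO_RULE_MESSAGE = 'No rules defined - policy will not run.';

// ["a"] -> "a", ["a","b"] -> "a and b", ["a","b","c"] -> "a, b and c"
const humanizeItems = (items) => {
  if (items.length <= 1) return items.join('');
  return `${items.slice(0, -1).join(', ')} and ${items[items.length - 1]}`;
};

// Returns the branch phrase for a rule, or null when the rule is invalid.
// A rule carries either `branch_type` (a named set) or `branches` (an
// explicit list, or a single string as in `branches: spooky-stuff`);
// `branch_type` takes precedence when both are present (assumption).
const humanizeBranches = (rule) => {
  if (rule.branch_type !== undefined) {
    // hasOwnProperty guards against keys like "toString" matching
    // Object.prototype members instead of a real branch type.
    return Object.prototype.hasOwnProperty.call(BRANCH_TYPE_MESSAGES, rule.branch_type)
      ? BRANCH_TYPE_MESSAGES[rule.branch_type]
      : null;
  }
  if (rule.branches !== undefined) {
    const list = Array.isArray(rule.branches) ? rule.branches : [rule.branches];
    if (list.length === 0) return null; // treated as invalid (assumption)
    const noun = list.length > 1 ? 'branches' : 'branch';
    return `the ${humanizeItems(list)} ${noun}`;
  }
  return null;
};

// Sentence for a scan execution rule of type `pipeline`.
const humanizeScanExecutionRule = (rule) => {
  const branches = humanizeBranches(rule);
  if (branches === null || rule.type !== 'pipeline') return NO_RULE_MESSAGE;
  return `Every time a pipeline runs for ${branches}`;
};

// Merge-request target phrase used inside a scan result message.
const humanizeScanResultTarget = (rule) => {
  const branches = humanizeBranches(rule);
  if (branches === null) return NO_RULE_MESSAGE;
  return `in an open merge request targeting ${branches}`;
};

// Usage, with rules constructed from the table rows:
console.log(humanizeScanExecutionRule({ type: 'pipeline', branch_type: 'all' }));
console.log(humanizeScanExecutionRule({ type: 'pipeline', branches: ['production', 'staging', 'release/*'] }));
console.log(humanizeScanResultTarget({ branches: 'spooky-stuff' }));
console.log(humanizeScanExecutionRule({ type: 'pipeline', branch_type: 'not-a-branch-type' }));
```

The unknown-`branch_type` path is the part worth a test in the real drawer: a policy whose rule cannot be interpreted should display the no-rule message rather than a plausible-looking sentence that suggests enforcement is in place.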
Policy Type | Screenshot
---|---
Scan Execution | (screenshot not reproduced in this text extract)
Scan Result | (screenshot not reproduced in this text extract)
How to set up and validate locally
- Upload a GitLab Ultimate license
- Navigate to a group/project => Secure => Policies => New policy => Scan Execution Policy
- Create a policy with a variety of branch types
- Navigate to a group/project => Secure => Policies and verify the drawer for those new policies
- Navigate to a group/project => Secure => Policies => New policy => Scan Result Policy
- Create a policy with a variety of branch types
- Navigate to a group/project => Secure => Policies and verify the drawer for those new policies
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #404778 (closed)
Edited by Alexander Turinske