Add `branch_exceptions` to security policy schema
What does this MR do and why?
Adds support for branch_exceptions
to the security policy schema (see &9567 (closed)).
How to set up and validate locally
-
On the project or group level, navigate to
Secure > Policies
and verify you can create the following two sample policies:type: scan_execution_policy name: 'Test' description: '' enabled: true rules: - type: pipeline branch_type: protected branch_exceptions: - master - { name: "develop", full_path: "foo/bar" } actions: - scan: container_scanning tags: []
type: scan_result_policy name: Test description: '' enabled: true rules: - type: scan_finding scanners: - sast vulnerabilities_allowed: 0 severity_levels: [] vulnerability_states: [] branch_type: protected branch_exceptions: - master - { name: "develop", full_path: "foo/bar" } actions: - type: require_approval approvals_required: 1 user_approvers_ids: - 11
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #418735 (closed)