Add more details to security policy schedule doc (!130035) · Merge requests · GitLab.org / GitLab

Andy Schoenen requested to merge andysoiron/update-security-policy-schedule-documentation into master Aug 23, 2023

What does this MR do and why?

This adds more details about scheduled scan execution pipelines.

I experimented with schedule and trigger pipelines. For schedules, we only run the scan jobs. The project doesn’t even need a .gitlab-ci.yml. For triggers, we run the project pipeline and inject the scan jobs into the existing .gitlab-ci.yml.

How to set up and validate locally

Visit http://localhost:3000/help/user/application_security/policies/scan-execution-policies.md#schedule-rule-type

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Add more details to security policy schedule doc

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports