Add security policy schema to block unprotecting branches
What does this MR do and why?
This adds security policy schema for the "block unprotecting branches" setting.
How to set up and validate locally
- Create a project
- Create a scan result security policy with the following content:
type: scan_result_policy name: Any unsigned MR description: '' enabled: true rules: - type: any_merge_request branch_type: protected commits: unsigned actions: - type: require_approval approvals_required: 1 user_approvers_ids: - 4 # Change to any existing user ID with access to the project approval_settings: block_unprotecting_branches: true
- Copy the ID of your project
- Start a rails console
- Fetch the
Security::ScanResultPolicyRead
:Security::ScanResultPolicyRead.where(project_id: 172).first.project_approval_settings
- It should have the following value:
{"block_unprotecting_branches"=>true}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #423101 (closed)
Edited by Andy Schoenen