Fix including CI files in pipeline execution policy
What does this MR do and why?
This fixes a bug that prevented external CI files from being included in a pipeline execution policy when the project was private
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- Create a group
- Go to Settings -> General
- Toggle the Permissions and group features section
- Enable Security policy pipeline execution action
- Create a new private project in the group
- Add a new file
ci-file.yaml
to the project with the following content:job: stage: build script: - echo "Defined in security policy"
- Create another new project in the group
- On the Group level left sidebar, select Security & Compliance and Policies
- Select New Policy
- Select Scan execution policy
- Select Add new action and Run CI/CD code
- In the dropdown for Run select Linked existing CI file.
- Select the
ci-file.yaml
file you created in the other project before. - Select Configure with a merge request and merge the MR.
- Go back to the project and try to start a pipeline via Build -> Pipelines -> Run pipeline
- This should fail on the
master
branch but work on this MR
Edited by Andy Schoenen