Fix FetchPolicyApproversService for ComplianceFramework
What does this MR do and why?
This change fixes a bug in Security::SecurityOrchestrationPolicies::FetchPolicyApproversService
when the container is ComplianceManagement::Framework
.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Before | After |
---|---|
How to set up and validate locally
- Create a compliance framework for a root group in
Settings
->General
->Compliance Frameworks
- Create a security policy with compliance framework in the scope for the group
- Disable
security_policy_global_group_approvers_enabled
settings in rails-console:
Gitlab::CurrentSettings.current_application_settings.update(security_policy_global_group_approvers_enabled: false)
- Go to
graphql-explorer
and try the graphql query:
query {
namespace(fullPath:<path of the group>) {
complianceFrameworks {
nodes {
name
scanResultPolicies {
nodes {
name
allGroupApprovers {
fullPath
}
}
}
}
}
}
}