Update SoftwareLicense services to create custom software licenses
What does this MR do and why?
Update services to create custom software license
This MR updates the SoftwareLicensePolicies::CreateService
to create custom licenses
Related to: #441078 (closed)
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- Enable the
custom_software_license
feature flag on the rails console
Feature.enable(:custom_software_license)
- Create a new project
- Go to Secure > Policies
- Click in New policy
- Select Merge request approval policy
- Create a policy with an existing and a new license:
Something like:
type: approval_policy
name: policy
description: ''
enabled: true
rules:
- type: license_finding
match_on_inclusion_license: true
license_types:
- 3dfx Glide License
- New Custom License
license_states:
- newly_detected
branch_type: default
actions:
- type: require_approval
approvals_required: 1
role_approvers:
- developer
- type: send_bot_message
enabled: true
approval_settings:
block_branch_modification: true
prevent_pushing_and_force_pushing: true
fallback_behavior:
fail: closed
If you don't have any license in the license dropdown follow this guide to add the SPDX licenses.
- Check if the new license was saved in the
custom_software_license
table
Security::CustomSoftwareLicense.last
#<Security::CustomSoftwareLicense:0x000000016a1feb70 id: 1, project_id: 891, name: "New Custom License">
- Check the last 2
SoftwareLicensePolicy
records
SoftwareLicensePolicy.last(2)
One should be linked to the existing software_license
=> [#<SoftwareLicensePolicy:0x0000000169dd8168
id: 37997,
project_id: 891,
software_license_id: 177,
classification: "denied",
created_at: Mon, 03 Jun 2024 22:18:42.376382000 UTC +00:00,
updated_at: Mon, 03 Jun 2024 22:18:42.376382000 UTC +00:00,
scan_result_policy_id: 709,
custom_software_license_id: nil>,
The other one should be linked to the new custom_software_license
#<SoftwareLicensePolicy:0x0000000169dd8208
id: 37998,
project_id: 891,
software_license_id: nil,
classification: "denied",
created_at: Mon, 03 Jun 2024 22:33:42.760331000 UTC +00:00,
updated_at: Mon, 03 Jun 2024 22:33:42.760331000 UTC +00:00,
scan_result_policy_id: 709,
custom_software_license_id: 1>]