Add `fallback_behavior` usage metrics

What does this MR do and why?

This MR adds metrics to track usage of fail_open in MR approval policies.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

  • Create a new project
  • Navigate to Secure > Policies and create the following Merge request approval policy:

    ```yaml
    type: approval_policy
    name: Container Scanning Fail Open
    enabled: true
    fallback_behavior:
      fail: open
    rules:
    - type: scan_finding
      scanners:
      - container_scanning
      vulnerabilities_allowed: 0
      severity_levels: []
      vulnerability_states: []
      branch_type: protected
    actions:
    - type: require_approval
      approvals_required: 1
      role_approvers:
        - owner
    ```

  • Merge an MR that updates README.md and validate that one of the Redis counters got incremented:

    ```ruby
    Gitlab::Redis::SharedState.with { |conn| conn.get("{event_counters}_bypass_approvals_for_mr_approval_policy_when_policy_is_evaluated") }
    # => "1"
    ```

Related to #462372 (closed)

Edited by Dominic Bauer
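
One way to list the enabled approval policies that set `fallback_behavior.fail: open`, like the policy in the validation steps above. This is an added example, not code from the MR or from GitLab; it assumes the policies sit under a top-level `approval_policy` key in the policy file, and the sample YAML and the `fail_open_policies` helper are constructed for illustration.

```ruby
require "yaml"

# Constructed sample of a policy file (assumed layout: a top-level
# `approval_policy` list). The first entry mirrors the policy shown above.
SAMPLE_POLICY_YAML = <<~YAML
  approval_policy:
  - name: Container Scanning Fail Open
    enabled: true
    fallback_behavior:
      fail: open
    rules:
    - type: scan_finding
      scanners:
      - container_scanning
      branch_type: protected
  - name: Disabled Fail Open
    enabled: false
    fallback_behavior:
      fail: open
    rules: []
  - name: Dependency Scanning Default
    enabled: true
    rules:
    - type: scan_finding
      scanners:
      - dependency_scanning
YAML

# Returns one hash per enabled approval policy whose fallback_behavior.fail is
# "open", together with the scanners named in its rules.
def fail_open_policies(yaml_text)
  doc = YAML.safe_load(yaml_text) || {}
  Array(doc["approval_policy"]).filter_map do |policy|
    next unless policy.is_a?(Hash) && policy["enabled"] == true
    fallback = policy["fallback_behavior"]
    next unless fallback.is_a?(Hash) && fallback["fail"].to_s == "open"

    scanners = Array(policy["rules"]).flat_map { |r| Array(r.is_a?(Hash) ? r["scanners"] : nil) }.uniq
    { name: policy["name"], scanners: scanners }
  end
end

if __FILE__ == $PROGRAM_NAME
  fail_open_policies(SAMPLE_POLICY_YAML).each do |p|
    puts "fail-open: #{p[:name]} (scanners: #{p[:scanners].join(', ')})"
  end
end
```

Policies without a `fallback_behavior` block, and disabled policies, are not reported.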
