Warning for scheduled scan execution policy for large groups
What does this MR do and why?
- Scan execution policy on a group level can have potential performance issues
- If group has 1000+ projects (including subgroups) and
scheduled
rule is selected, user should see the warning - Warning can be dismissed and policy can be saved, or user can dismiss warning and continue editing
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
New policy | Existing policy |
---|---|
schedule.mov | existing policy.mov |
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Navigate to the Policy Editor for Scan Execution Policy for groups with many projects. (Secure -> Policies -> New policy -> Scan execution)
- Or you can mock it in
ee/security_orchestration/components/policy_editor/scan_execution/constants.js
PROJECTS_COUNT_PERFORMANCE_LIMIT - Try to create a scheduled scan and try to save the policy.
- Verify that a warning message indicates the potential performance impact.
- Verify that the user can bypass the warning and save the policy.
- Now go to the Project policy editor and group with a low number of projects.
- Try to create a scheduled scan and try to save the policy.
- Verify that a warning message is not displayed.
Related to #468352 (closed)