Create violations and bot message for fail-open policies
requested to merge 474853-security-policy-any-fallback_behavior-should-automatically-include-a-bot-message into 490092-account-for-configured-scan-execution-policies-when-scan-is-missing-in-merge-request
What does this MR do and why?
This MR changes logic around fail-open policies to persist violations for these cases so that we can highlight skipped policies in the policy bot message. The violations for fail-open policies are created with a different status so that they don't block the MR with the policy mergeability check.
Depends on !168222.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Fail-closed (current) | Mixed fail-open and fail-closed | Fail-open |
---|---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Related to #474853
Edited by Martin Čavoj