Skip to content

Add support for non-cilium network policies

Alexander Turinske requested to merge 338521-non-cilium-policy into master

What does this MR do?

Add support for non-cilium network policies

  • I originally removed this feature because the feature was listed as deprecated
  • now they want it back
  • update tests
  • update mocks to be more organized

How to setup and validate locally (strongly suggested)

  1. Follow the Protect Onboarding task to be able to create network policies in kubernetes/cilium
  2. Follow the scan execution creation snippet to create some scan execution policies
  3. Turn on the :security_policies_orchestration_configuration feature flag
  4. Navigate to Security & Compliance => Policies
  5. Change the security policy project

Screenshots or Screencasts (strongly suggested)

Page Screenshot
Edit page - non-cilium policy network_edit
Edit page - cilium policy cilium_edit
Drawer - non-cilium policy network_drawer
Drawer - cilium policy cilium_drawer
Drawer - scan execution policy scan_drawer

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #338521 (closed)

Merge request reports

Loading