Fix bug with assignSecurityPolicyProject
What does this MR do and why?
Fix bug with assignSecurityPolicyProject
- Having the check/creation of a new security policy project in the same method as the commit/MR creation was the issue here; the check/creation of a new security policy project needed to be separated out so that if there was a problem with the commit/MR creation, it wouldn't check/create a new security policy project again.
- Now we save the newly created security policy project for future requests, so if a user puts in invalid YAML the first time, assignSecurityPolicyProject is called and a security policy project is created. If they fix the YAML and submit it again, assignSecurityPolicyProject is not called again.
- Update tests
Changelog: fixed
EE: true
Screenshots or screen recordings
Scenario | GIF |
---|---|
Creating a policy with a security policy project assigned | |
Creating a policy without a security policy project assigned | |
Error | |
How to set up and validate locally
- Protect onboarding
- Create scan execution policies using https://gitlab.com/-/snippets/2147628
- Follow this patch update_policy_patch.txt using your own scan execution policy
- Navigate to Security & Compliance => Policies => New Policy => Create the policy
- Navigate to a new project without a security policy project assigned to it and create a policy
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #341420 (closed)
Edited by Alexander Turinske
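
The retry behaviour described in this MR, as an added example that is not code from the MR or from GitLab: a simplified synchronous model in which a failed commit either repeats project creation (coupled flow) or reuses the saved project (separated flow). Only `assignSecurityPolicyProject` is a name from the page; the backend stub, `createPolicyCommit`, both submit functions and the YAML check are assumptions made for illustration.

```javascript
// Hypothetical in-memory backend that counts calls (constructed stub).
function makeBackend() {
  const calls = { assign: 0, commit: 0 };
  return {
    calls,
    // Stands in for the request that creates and links a policy project.
    assignSecurityPolicyProject() {
      calls.assign += 1;
      return { id: `policy-project-${calls.assign}` };
    },
    // Stands in for commit/MR creation; rejects YAML without the policy key.
    createPolicyCommit(project, yaml) {
      calls.commit += 1;
      if (!yaml.includes('scan_execution_policy:')) {
        throw new Error('Invalid policy YAML');
      }
      return { project: project.id, mergeRequest: 1 };
    },
  };
}

// Coupled flow: creation and commit share one method and nothing is saved
// until both succeed, so a retry after a failed commit creates a second project.
function submitCoupled(backend, state, yaml) {
  const project = state.assignedProject || backend.assignSecurityPolicyProject();
  return backend.createPolicyCommit(project, yaml);
}

// Separated flow: the created project is saved before the commit is
// attempted, so a failed commit leaves it available for the next submission.
function submitSeparated(backend, state, yaml) {
  if (!state.assignedProject) {
    state.assignedProject = backend.assignSecurityPolicyProject();
  }
  return backend.createPolicyCommit(state.assignedProject, yaml);
}

// A user submits invalid YAML, then a corrected version (constructed inputs).
function retryScenario(submit) {
  const backend = makeBackend();
  const state = { assignedProject: null };
  const errors = [];
  let result = null;
  for (const yaml of ['not: a policy', 'scan_execution_policy: []']) {
    try {
      result = submit(backend, state, yaml);
    } catch (err) {
      errors.push(err.message);
    }
  }
  return { ...backend.calls, errors, result };
}
```

Comparing `retryScenario(submitCoupled)` with `retryScenario(submitSeparated)` shows the difference in the `assign` count, which is the kind of assertion a regression test for this fix would make.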