Add pattern validation for cadence in Scan Execution Policy Schema

What does this MR do and why?

In Fix error when creating Policy Schedule with in... (!88878 - merged) we've added validation for cron in `Security::OrchestrationPolicyRuleSchedule`; however, we've been discussing how to present this validation error to the end user. While we do not have (yet!) the ability to show errors from Security Policies, we can at least start validating the cadence value in the YAML file editor.

The provided pattern for cadence is simplified and designed like this to cover the most popular examples.

How to set up and validate locally

  1. Create a new project.
  2. Go to Security & Compliance -> Policies, click New Policy, select Scan execution policy and try creating an invalid policy:

     ```yaml
     type: scan_execution_policy
     name: 'Invalid Schedule'
     description: ''
     enabled: true
     rules:
       - type: schedule
         branches:
           - main
         cadence: "invalid * * * *"
     actions:
       - scan: sast
     ```

  3. Verify if an error appears with an explanation.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Dominic Couture
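
Added example, not code from this merge request: a pattern check on `cadence` of the kind described above, run against the invalid policy from the validation steps. The regular expression, `cron_field` and `cadence_errors` are assumptions constructed for illustration; the MR's actual schema pattern is not shown on this page.

```ruby
require 'yaml'

# Assumed per-field value ranges; this simplified pattern is constructed for
# the example and is not the pattern added by the merge request.
VALUES = [
  '[0-5]?\d',              # minute 0-59
  '[01]?\d|2[0-3]',        # hour 0-23
  '0?[1-9]|[12]\d|3[01]',  # day of month 1-31
  '0?[1-9]|1[0-2]',        # month 1-12
  '[0-7]'                  # day of week 0-7
].freeze

# One field is "*", "*/n", or a comma list of values and value ranges.
def cron_field(value)
  item = "(?:#{value})(?:-(?:#{value}))?"
  "(?:\\*(?:/\\d+)?|#{item}(?:,#{item})*)"
end

# \A and \z anchor the whole string, so extra lines cannot ride along.
CADENCE_PATTERN = /\A#{VALUES.map { |v| cron_field(v) }.join(' ')}\z/

# Returns one message per schedule rule whose cadence fails the pattern.
def cadence_errors(policy_yaml)
  policy = YAML.safe_load(policy_yaml) # safe_load refuses arbitrary object tags
  Array(policy['rules']).each_with_index.filter_map do |rule, index|
    next unless rule['type'] == 'schedule'
    cadence = rule['cadence']
    next if cadence.is_a?(String) && CADENCE_PATTERN.match?(cadence)
    "rules[#{index}].cadence #{cadence.inspect} does not match the cron pattern"
  end
end

# The invalid policy from the steps above, embedded as sample input.
SAMPLE_POLICY = <<~POLICY
  type: scan_execution_policy
  name: 'Invalid Schedule'
  description: ''
  enabled: true
  rules:
    - type: schedule
      branches:
        - main
      cadence: "invalid * * * *"
  actions:
    - scan: sast
POLICY

puts cadence_errors(SAMPLE_POLICY)
```

A pattern like this only checks the shape of the expression, so the model-level cron validation mentioned in the description remains the authoritative check.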
