Add filtering security policies to return only inherited policies
What does this MR do and why?
How to set up and validate locally
- Create new Group
- Create new Subgroup within created Group
- Create new Project within created Project
- For each Group, Subgroup and Project go to Security & Compliance -> Policies and create new Policy for each of them:

  ```yaml
  type: scan_execution_policy
  name: Enable SAST for Group/Subgroup/Project
  description: ''
  enabled: true
  rules:
    - type: pipeline
      branches:
        - '*'
  actions:
    - scan: sast
  ```
- Go to GraphQL Explorer (`/-/graphql-explorer`), use this query (and similar for other Project/Group/Subgroup):

  ```graphql
  query {
    group(fullPath: "gitlab-org/protect/demos/sandbox/policies-for-group/policies-for-subgroup") {
      scanExecutionPolicies(relationship: INHERITED_ONLY) {
        nodes {
          name
          source {
            ... on GroupSecurityPolicySource {
              inherited
            }
          }
        }
      }
    }
  }
  ```
You should see only inherited policies.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to FE: Create filter for 'Source' (#345323 - closed)
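
The validation step above ("You should see only inherited policies") can be checked mechanically. The following is an added example, not code from this MR or from GitLab: it sends the same selection with the group path as a GraphQL variable and lists any returned policy whose source is not marked `inherited`. The `/api/graphql` endpoint, bearer-token header, `ID!` argument type, function names and the sample response are assumptions or constructed for illustration.

```python
import json
import urllib.request

# Same selection as the query in the description; the path is passed as a
# GraphQL variable (ID! is assumed) instead of being pasted into the query text.
QUERY = """
query($fullPath: ID!) {
  group(fullPath: $fullPath) {
    scanExecutionPolicies(relationship: INHERITED_ONLY) {
      nodes { name source { __typename ... on GroupSecurityPolicySource { inherited } } }
    }
  }
}
"""

def not_inherited(response):
    """Return names of policies the INHERITED_ONLY filter should have excluded."""
    if response.get("errors"):
        raise ValueError(f"GraphQL errors: {response['errors']}")
    group = (response.get("data") or {}).get("group")
    if group is None:
        # A null group means a wrong path or an unauthorized token, not a pass.
        raise LookupError("group not found or not visible to this token")
    nodes = group["scanExecutionPolicies"]["nodes"]
    return [n["name"] for n in nodes
            if (n.get("source") or {}).get("inherited") is not True]

def fetch(base_url, token, full_path):
    """POST the query to the instance (endpoint and auth header are assumptions)."""
    body = json.dumps({"query": QUERY, "variables": {"fullPath": full_path}})
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/graphql",
        data=body.encode(),
        headers={"Content-Type": "application/json",
                 "Authorization": f"Bearer {token}"},
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

# Constructed sample response (not real output): the second node is a policy
# defined on the subgroup itself, which the filter should not have returned.
SAMPLE = {"data": {"group": {"scanExecutionPolicies": {"nodes": [
    {"name": "Enable SAST for Group", "source": {"inherited": True}},
    {"name": "Enable SAST for Subgroup", "source": {"inherited": False}},
]}}}}

if __name__ == "__main__":
    print(not_inherited(SAMPLE))
```

An empty list from `not_inherited(fetch(...))` corresponds to the expected result in the description; a raised `LookupError` should be treated as an inconclusive check, not a success.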