Enable interactive yaml validation for policies
What does this MR do and why?
Enable interactive yaml validation for single policy creation in the policy editor
- security policies can be created via yaml mode
- the yaml has specific fields that can be added as well as types for those fields
- utilize a schema to notify users when they have incorrectly input a field
Changelog: added
EE: true
Technical Details
There are two places that need validation:
- For a single policy being created on the policy editor (where users should be creating new security policies) (this MR)
- For multiple policies in the file where the policy editor saves to (
<security_policy_project>/.gitlab/security-policies/policy.yml) (future MR)
The differences can be seen in this discussion
The backend already had a schema for multiple policies (for other reasons), so I am resusing that schema for the single policy (which is slightly different for reasons), thus, I request the schema, modify it slightly, and then use the schema field to submit it.
Screenshots or screen recordings
| Page | Field | Screenshot |
|---|---|---|
| Scan Execution Policy Editor - Project | type |
 (i.e. validation does exist) |
| Scan Execution Policy Editor - Project | name |
 (i.e. validation does exist) |
| Scan Execution Policy Editor - Group | - |  |
| Scan Result Policy Editor | - |
 (i.e. validation does not exists) |
| Scan Execution Policy Drawer | - |
 (i.e. validation does not exist) |
| Scan Result Policy Drawer | - |
 (i.e. validation does not exist) |
How to set up and validate locally
- Upload a GitLab Ultimate license
- Navigate to a project => Security & Compliance => Policies => New Policy => Scan Execution Policy
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #357877 (closed)
Edited by Alexander Turinske