Commit 147cbea4 authored by Paul Slaughter's avatar Paul Slaughter

Merge branch 'enhance_validation_to_consider_scan_result_policy' into 'master'

Enhance policy validation to consider scan result

See merge request gitlab-org/gitlab!80555
parents a0a98716 4504a7f9
......@@ -71,7 +71,7 @@ const updatePolicy = async ({
};
/**
* Updates the assigned security policy project's policy file with the new policy yaml or creates one (project or file) if one does not exist
* Updates the assigned security policy project's policy file with the new policy yaml or creates one file if one does not exist
* @param {Object} payload contains the currently assigned security policy project (if one exists), the path to the project, and the policy yaml value
* @returns {Object} contains the currently assigned security policy project and the created merge request
*/
......
......@@ -22,10 +22,12 @@ module Security
def invalid_policy_type?
return true if policy[:type].blank?
!Security::OrchestrationPolicyConfiguration::AVAILABLE_POLICY_TYPES.include?(policy[:type].to_sym)
!Security::OrchestrationPolicyConfiguration::AVAILABLE_POLICY_TYPES.include?(policy_type)
end
def blank_branch_for_rule?
return false if policy_type == :scan_result_policy
policy[:rules].any? { |rule| rule[:clusters].blank? && rule[:branches].blank? }
end
......@@ -55,6 +57,10 @@ module Security
repository.branch_names
end
end
def policy_type
policy[:type].to_sym
end
end
end
end
......@@ -76,13 +76,22 @@ RSpec.describe Security::SecurityOrchestrationPolicies::ValidatePolicyService do
end
context 'when branches are missing' do
using RSpec::Parameterized::TableSyntax
let(:branches) { nil }
it { expect(result[:status]).to eq(:error) }
it { expect(result[:message]).to eq('Policy cannot be enabled without branch information') }
where(:policy_type, :status, :message) do
'scan_result_policy' | :success | nil
'scan_execution_policy' | :error | 'Policy cannot be enabled without branch information'
end
with_them do
it { expect(result[:status]).to eq(status) }
it { expect(result[:message]).to eq(message) }
it_behaves_like 'checks only if policy is enabled'
end
end
context 'when branches are provided' do
let(:branches) { ['master'] }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment