🎨 Design: Clarify the state of security approvals while the pipeline is still running
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Background
Currently security approval policies block all MRs until the pipeline finishes running. This is done to ensure that the MR is not merged in before security scans have a chance to detect new vulnerabilities. This state is not clearly communicated to the end user and can lead to confusion when they believe security approvals are required when they actually are in fact just pending while the pipeline completes.
Users thought that the security rule blocks MR while the pipeline was still running, but actually, it is because the pipeline is running at the moment.
Proposal
Consider adding a note to the security approval rule while the pipeline is in progress. Something along the lines of..“Waiting for pipeline to pass”