[go: up one dir, main page]

Add SEP policy source to job options

Martin Cavojrequested to merge
459001-add-job-source-claims-to-id-tokens-sep into master

What does this MR do and why?

Add SEP policy source to job options.

  • Add sha and project_id to SEP-triggered jobs options, following the same pattern as PEP.

References

  1. Scope policy job options under a single key (!208845 - merged)
  2. Add PEP source to job options (!190625 - merged)
  3. 👉 This one: Add SEP policy source to job options (!209673 - merged)
  4. Add policy source claims to id_tokens (!211472)

How to set up and validate locally

  1. Setup a project with a scan execution policy
  2. Trigger a pipeline
  3. Verify the policy job options include policy: { sha: '...', project_id: <spp_id> } 
    Ci::Build.find(<id>).options

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #459001

Edited by Martin Cavoj

Merge request reports