Update scheduled PEP docs based on user feedback
What does this MR do and why?
Update scheduled pipeline execution documentation based on feedback from the design discussion in &14147 (comment 2141198280).
This MR clarifies two key aspects of scheduled pipeline execution policies:
-
Separation from project CI/CD: Explicitly document that scheduled policies create completely separate pipelines that do not execute any project CI/CD jobs, addressing the question: "Are these pipelines always separate from project CI?"
-
Pipeline distribution and load management: Add guidance on distributing pipelines across time windows when applying policies to many projects, and clarify that monthly schedule intervals may vary due to random distribution.
Relevant conversation quotes
On pipeline separation from project CI/CD:
"Unlike regular pipeline execution policies that inject or override jobs in existing pipelines, scheduled policies create new pipelines", which sounds to me like this is separate from the project's .gitlab-ci.yml.
Response confirming separation:
Yes, they are separate and independent from .gitlab-ci.yml file.
On pipeline distribution and load management:
We want to introduce intervals: daily/weekly/monthly and time_window where you would be able to specify within what timeframe scans should be scheduled. So when you enable Scheduled PEP for 1000 projects in the group, and you set time window from 2am to 10am, then we will evenly distribute these 1000 scheduled pipelines within 8h window.
On monthly schedule intervals:
If a user has a monthly schedule and uses a time window of 10 days it may happen that the next run is 1 month +- 10 days.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.