[go: up one dir, main page]
Skip to content

BE: Implement enforcement_type schema and policy configuration for warn mode

Why are we doing this work

This backend implementation adds the foundational schema changes and policy configuration support for warn mode functionality. The enforcement_type field enables policies to operate in either "warn" or "enforce" modes, where warn mode allows merge requests to proceed while generating warnings, and enforce mode blocks merge requests until violations are resolved.

This is a foundational backend dependency for the Policies Warn Mode epic.

Relevant links

Implementation

  • Add enforcement_type field to approval policy schema with "warn" and "enforce" values
  • Update JSON schema validation for approval policies to support enforcement_type configuration
  • Implement backward compatibility support for legacy approvals_required: 0 pattern
  • Add enforcement_type method to Security::Policy model to retrieve policy enforcement mode
  • Update warn_mode? method to check enforcement_type field with fallback to legacy pattern
  • Ensure default enforcement mode is "enforce" to maintain existing behavior

Technical notes

  • Schema changes must maintain backward compatibility with existing policies
  • Legacy approvals_required: 0 pattern should continue working during transition period
  • New enforcement_type field should default to "enforce" when not specified
  • Policy validation should accept both new and legacy configuration patterns
  • Changes should not affect existing policy functionality or performance
+    "enforcement_type": {
+      "description": "Defines how this policy should be enforced. 'enforce' (default) blocks merge requests when violations are detected. 'warn' allows merge requests to proceed but shows warnings.",
+      "type": "string",
+      "enum": ["warn", "enforce"],
+      "default": "enforce"

Validation Steps

  • New policies can be created with enforcement_type: "warn" or "enforce"
  • Existing policies without enforcement_type continue working with default "enforce" behavior
  • Legacy policies using approvals_required: 0 continue working as warn mode
  • Policy validation accepts both new enforcement_type and legacy patterns
  • warn_mode? method correctly identifies policies in warn mode using either pattern
  • Schema validation rejects invalid enforcement_type values
Edited by Alexander Turinske