Add SAST scan API endpoint
Problem to solve
To perform security scans from the IDE in real-time, we intend to use a REST API endpoint.
The endpoint is available only to Ultimate customers. Although this change supports both SaaS and Self-managed instances, cloud connector doesn't currently support Ultimate-only, non-addon Self-managed unit primitives.
Note: according to https://handbook.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#when-to-use-feature-flags, we are adding the endpoint without a feature flag.
Proposal
- add an Ultimate-only feature
- add a project policy that limits access to developers, maintainers, and owners
- add a new service and scope to cloud connector access_data.yml with no cut_off_data
- add endpoint handler of POST /projects/:id/security/scan
  - relay file path and content to CC backend
- add tests
- add documentation
Edited by Jason Leasure