Real-time scan endpoint authorization fails on staging
Problem to solve
The experimental endpoint /projects/:id/security_scans/sast/scan
is broken on staging
details
Authorization for the endpoint relies on the availability of the sast
cloud connector service. We currently sue free_access?
, as it had been true
when cut_off_date
is null
and false
if a service is missing.
This change: 94b17955
has free_access?
return false
if cut_off_date_expired_enabled?
is true
.
Its implementation, will return false
unless we're testing or staging.. so GDK and staging fallthrough and return Feature.enabled?(:cloud_connector_cut_off_date_expired, :instance, type: :ops)
On GDK, that's false
and on staging it's true
.
Proposal
Use a different method for determining that the cloud connector backend is globally available.