Skip to content

Handle YAML parsing error in SAST config mutation

Arpit Gogia requested to merge patch-sast-config-error-1653 into master

What does this MR do and why?

Gracefully handles a YAML parsing error possible while modifying the CI config to add Secure feature specific snippet.

The exception handling is done for the following Secure features:

  • Secret Detection
  • SAST
  • Dependency Scanning
  • Container Scanning

Relevant issue: #386852 (closed)

Screenshots or screen recordings

Secret Detection image
SAST image
Dependency Scanning image
Container Scanning image

How to set up and validate locally

  1. Create a new repository and add some files to it.
  2. Within the repository create a .gitlab-ci.yml. Specifically, add at least one anchor/alias to it. Check below for an example.
  3. Go to "Security and Compliance" > "Configuration". Choose "Enable SAST" and on the next screen, "Create merge request"
  4. Doing so will lead to an error visible in the network logs. The HTTP status will be 200.
Example .gitlab-ci.yml with anchor and alias image

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Arpit Gogia

Merge request reports

Loading