
Add running Scan Execution Policies for merge_request_event pipelines

What does this MR do and why?

This MR changes when we extend the pipeline with scans enforced by Scan Execution Policies to include merge_request_event, as with %16.0 we will be using new Security templates that will run by default as merge_request_event.

How to set up and validate locally

  1. Create a new project
  2. Configure Scan Execution Policies for this project (i.e. enable Container Scanning for all branches) (https://docs.gitlab.com/ee/user/application_security/policies/scan-execution-policies.html)
  3. Create a .gitlab-ci.yml file that will run a job only for branch pipelines:
    test-job:
      script:
      - echo "Test Job!"
      rules:
      - if: $CI_COMMIT_BRANCH
  4. Scans enforced by Scan Execution Policies should be added to this pipeline.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
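
For steps 2 and 3 above, a policy and CI configuration that exercise both a branch pipeline and a merge_request_event pipeline could look like this. It is an added example, not part of the merge request; the policy name and the mr-test-job job are hypothetical, and the policy file path assumes the default location in a linked security policy project.

```yaml
# Constructed example, not taken from the merge request.

# File 1: .gitlab/security-policies/policy.yml in the security policy project
# (step 2: enforce Container Scanning for all branches).
---
scan_execution_policy:
  - name: Enforce container scanning        # hypothetical policy name
    description: Run Container Scanning in every pipeline of the project
    enabled: true
    rules:
      - type: pipeline
        branches:
          - "*"                             # all branches
    actions:
      - scan: container_scanning

# File 2: .gitlab-ci.yml in the test project (step 3, plus a merge request job).
---
test-job:
  script:
    - echo "Test Job!"
  rules:
    - if: $CI_COMMIT_BRANCH                 # branch pipeline, as in step 3

mr-test-job:                                # hypothetical job name
  script:
    - echo "MR Test Job!"
  rules:
    # Runs only in merge request pipelines, the source this MR adds
    # to the set of pipelines that enforced scans are injected into.
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
```

Pushing a commit and then opening a merge request from that branch produces one pipeline of each kind, so the presence of the enforced scan job can be compared between the two.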
