Fix error when security policy CI contains no jobs (!141520) · Merge requests · GitLab.org / GitLab

Andy Schoenen requested to merge andysoiron/fix-error-when-custom-policy-ci-has-no-jobs into master Jan 10, 2024

What does this MR do and why?

This fixes an error that appears if a custom security policy CI does not define any jobs

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

Create a new Group.
Navigate to Settings -> General.
Expand the Permissions and group features section.
Enable the "Run customized CI YAML file as security policy actions" experiment.
Create a new project in the group.

Add a .gitlab-ci.yml file with content:

job1:
  stage: build
  script:
    - echo "job 1"

Select Secure -> Policies -> New policy .
Select Scan execution policy.

Switch to .yaml mode and past the following policy:

type: scan_execution_policy
name: test
description: ''
enabled: true
rules:
  - type: pipeline
    branch_type: all
actions:
  - scan: custom
    ci_configuration: |-
      variables:
        GLOBAL_VAR: "Policies"

Select configure with a merge request and merge the MR.
Start a new pipeline in the project.
Starting the pipeline should work without an error.

Fix error when security policy CI contains no jobs

What does this MR do and why?

MR acceptance checklist

How to set up and validate locally

Merge request reports