Skip to content

Clarify configure SAST with customizations docs

What does this MR do and why?

While investigating https://gitlab.com/gitlab-com/sec-sub-department/section-sec-request-for-help/-/issues/357+s, I consulted the Configure SAST with customizations docs and noticed that they're incorrect.

The docs currently explain:

1. If the project does not have a `.gitlab-ci.yml` file, select **Enable SAST** in the Static
   Application Security Testing (SAST) row, otherwise select **Configure SAST**.

These docs indicate that if a .gitlab-ci.yml file is present, the button will show Configure SAST, however, this is not the case. In order for the button to show Configure SAST "[the latest] pipeline must have been successfully executed and generated valid artifacts" for the SAST scanner to be considered enabled, as explained in Fix text about Ultimate features and clarify co... (!100015 - merged) • Sam White • 15.5.

This MR clarifies the condition required for the button to show Enable SAST or Configure SAST.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Before After
Screenshot_2024-08-22_at_2.17.11_PM Screenshot_2024-08-22_at_2.19.07_PM
Edited by Adam Cohen

Merge request reports

Loading