Clarify configure SAST with customizations docs
What does this MR do and why?
While investigating https://gitlab.com/gitlab-com/sec-sub-department/section-sec-request-for-help/-/issues/357+s, I consulted the Configure SAST with customizations docs and noticed that they're incorrect.
The docs currently explain:
1. If the project does not have a `.gitlab-ci.yml` file, select **Enable SAST** in the Static
Application Security Testing (SAST) row, otherwise select **Configure SAST**.
These docs indicate that if a .gitlab-ci.yml
file is present, the button will show Configure SAST
, however, this is not the case. In order for the button to show Configure SAST
"[the latest] pipeline must have been successfully executed and generated valid artifacts" for the SAST
scanner to be considered enabled, as explained in Fix text about Ultimate features and clarify co... (!100015 - merged) • Sam White • 15.5.
This MR clarifies the condition required for the button to show Enable SAST
or Configure SAST
.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Before | After |
---|---|