[RUN AS-IF-FOSS] Move all the changes related to reading SAST Configuration to CE

Saikat Sarkar requested to merge move_mutation_for_mr_merge into master

What does this MR do?

This MR is related to this issue. In this MR, we are going to move all changes related to reading SAST configuration. Right now, we are reading SAST.gitlab-ci.yml and .gitlab-ci.yml for reading default values and current values of different environment variables and configuring analyzers. This functionality now resides in EE. We will need this functionality in CE as we are moving SAST and Secret-Detection to core.

One of the tasks in this MR is to read the SAST.gitlab-ci.yml file in CE. We need to modify GlobalTemplateFinder in order to support SAST. Another solution to this issue is to move SAST.gitlab-ci.yml to a separate directory and add the mapping in GitlabCiYmlTemplate. However, there may exist some users who are using Security/SAST.gitlab-ci.yml in .gitlab-ci.yml. In that case, it is risky to move SAST.gitlab-ci.yml from the Security directory to another directory.

Screenshots (strongly suggested)

Before the change in CE: Screen_Shot_2021-01-08_at_10.09.44_PM

After the change in CE: Screen_Shot_2021-01-08_at_10.02.44_PM

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Saikat Sarkar
