Allow running SAST rules in all types of pipelines
What does this MR do and why?
This merge request removes the if: $CI_COMMIT_BRANCH
condition from the SAST rules in order to allow running the jobs in all types of pipelines without overriding all(!) SAST jobs. The user then has the ability to use workflow rules to disable merge request pipelines when he/she wants to restore the old behavior. Using workflow rules is the way how rules are [supposed to be used anyway according to your documentation. Even without any changes to user's .gitlab-ci.yml
, pipelines continue to work.
Screenshots or screen recordings
No UI changes.
How to set up and validate locally
# .gitlab-ci.yml
include:
- template: Security/SAST.gitlab-ci.yml
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
References
Fixes #353239 (closed)
Edited by Dark Dragon