Simplify scanner logic for security reports (!91712) · Merge requests · GitLab.org / GitLab

Zamir Martins requested to merge simplify_scanner_logic_for_security_report into master Jul 04, 2022

What does this MR do and why?

Simplify scanner logic for security reports related to scan finding rules because of the following:

Scanners are being already considered as part of security reports.
Removing any chance of ambiguity between persisted data versus yaml policy file.

How to set up and validate locally

Create a security project as described in the docs
Create a new scan result policy with the project owner (set scanners to anything but container scanning)
Push a new MR with gitlab-ci.yml the following changes:

include:
  - template: Security/Container-Scanning.gitlab-ci.yml
variables:
  DOCKER_IMAGE: python:3.4-alpine

Expected The security approval rule shouldn't require approval.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jul 06, 2022 by Zamir Martins

Simplify scanner logic for security reports

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports