feat: Add SCA latest template supporting MR pipelines (!97323) · Merge requests · GitLab.org / GitLab

Lucas Charles requested to merge add-merge-request-pipeline-support-to-sca into master Sep 07, 2022

What does this MR do and why?

Adds *.latest.gitlab-ci.yml templates for all groupcomposition analysis categories
Adds support for Merge Request Pipelines to each of latest templates

This is split across multiple commits to hopefully improve readability but each file can be individually diff'd b/w the stable and latest templates to compare, as well.

For Category:SAST see previous work such as:

See main issue #217668 (closed) for list of remaining templates

How to set up and validate locally

include:
  - template: 'Security/Container-Scanning.latest.gitlab-ci.yml'
  - template: 'Jobs/Dependency-Scanning.latest.gitlab-ci.yml'
  - template: 'Jobs/License-Scanning.latest.gitlab-ci.yml'

Add template to project
Push to branch, wait for pipeline to complete
Open MR to ensure new pipeline is linked to MR event
Check pipeline to ensure it's proper

Note that ~"Category:Dependency Scanning" requires a corresponding file change so a file matching the relevant rules:exist block must be included

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Sep 09, 2022 by Lucas Charles

feat: Add SCA latest template supporting MR pipelines

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports