Fix definition of security related jobs (!2499) · Merge requests · GitLab.org / gitlab-runner

Tomasz Maczukin requested to merge fix-secure-jobs-definitions into master Oct 20, 2020

What does this MR do?

This MR will disable unwanted jobs and will add missing rules definition to the fuzz testing one.

Why was this MR needed?

The jobs added with !1897 (merged) and !2347 (merged) are causing a duplicate pipeline started for each branch push. It also causes unwanted jobs to be started in context of the MR pipeline.

What's the best way to test this MR?

Look at the pipelines tab of this MR. It contains only the Merge Request pipeline that have only the jobs we want. While, for example, !2493 (closed) contains two pipelines - one started for the MR and second for the branch.

What's important - expected jobs (like for example gosec-sast) are still present despite we're using the disabling variables. It's because we're overriding the rules for the jobs we want to run.

What are the relevant issue numbers?

Closes #27122 (closed)

Edited Oct 20, 2020 by Tomasz Maczukin

Fix definition of security related jobs

What does this MR do?

Why was this MR needed?

What's the best way to test this MR?

What are the relevant issue numbers?

Merge request reports