Skip to content

Security Configuration page reports wrong status

Summary

If the latest pipeline doesn't contain security jobs, we assume that security features are not configured. But this can be untrue if there are a few different types of pipelines that can be run on the default branch.

Steps to reproduce

  1. Create a CI config that contains conditional jobs, so in one case Security jobs run, in others - don't.
  2. Observe the Configuration page in both cases.

Example Project

This bug happens for this GitLab project, when docs- pipeline is running. Example pipeline: https://gitlab.com/gitlab-org/gitlab/pipelines/138738569

What is the current bug behavior?

Security features are reported to be not configured

What is the expected correct behavior?

Security features have status configured

Relevant logs and/or screenshots

Screenshot_2020-04-22_at_18.14.55

Output of checks

This bug happens on GitLab.com

Possible fixes

There is no easy solution for this bug. Probably, we can parse .yml config to find if it contains security features /shrug