Secure integration test failures
Summary
We have started experiencing a number of failures across devops::secure integration tests. In multiple cases expectations are missing vulnerabilities and fixtures are passing.
Stack trace
- https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs/-/pipelines/156929485
- https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/pipelines/156907303
Fixes
spotbugs
spotbugs downstream QA tests are getting filtered out by the new defaults set for SAST_EXCLUDED_PATHS in !34076 (merged).
- gitlab-org/security-products/analyzers/spotbugs!46 (merged) (quickfix)
- #223283 (deeper fix)
Security Code Scan
security-code-scan downstream QA tests are failing due to a legitimate bug regarding how we're filtering. Its fix will be tracked in #223835 (closed).
Tasks
- [-] (moved to issue) Re-enable downstream tests to be blocking on https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/ (see https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/blob/aa93b736768147d90bc7fb9a6420290e09f24a64/.gitlab-ci.yml#L10-20)
- (done in mr) Re-enable downstream tests to be blocking on https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs/
Edited by Daniel Paul Searles