Technical discovery: enable SAST Config UI with advanced CI configurations
Problem to solve
As a project maintainer, I want the SAST Config UI to provide a guided experience regardless of how my project's build process is configured. This means it should work if I use Auto DevOps, all build settings in the .gitlab-ci.yml file, or a myriad of include files bundled within the
Today, we know how to parse project CI configurations if they are using Auto DevOps or have customizations only encapsulated within the .gitlab-ci.yml file. However, we don't know how we're going to handle cases where CI configurations span multiple YAML files. The most obvious example of this is the CI definition for the GitLab Rails project.
We need to learn how to programmatically discern the following details:
- File containing each individual CI configuration setting, regardless of which file it happens to be in.
- Line number of each individual CI configuration setting in the file in which it was detected.
The above items need to work against the project's default branch.
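One possible approach to the two items above, as an added sketch that is not GitLab's implementation: parse each file with Psych's node API, which keeps source positions, and follow `include: local` entries recursively. The in-memory file set, the function names, and the restriction to `variables` keys and list-form `local:` includes are assumptions of this example; `template`, `remote` and `project` includes would have to be fetched before they could be walked the same way.

```ruby
require 'psych'

# Constructed sample repository (path => content), not a real project's CI files.
SAMPLE_FILES = {
  '.gitlab-ci.yml' => <<~YAML,
    include:
      - template: Security/SAST.gitlab-ci.yml
      - local: /ci/sast.yml
    variables:
      SAST_EXCLUDED_PATHS: spec, tmp
  YAML
  'ci/sast.yml' => <<~YAML
    variables:
      SECURE_LOG_LEVEL: debug
    brakeman-sast:
      variables:
        SAST_EXCLUDED_PATHS: vendor
  YAML
}.freeze

# Mapping node -> [[key_node, value_node], ...]; anything else -> [].
def pairs(node)
  node.is_a?(Psych::Nodes::Mapping) ? node.children.each_slice(2).to_a : []
end

# Paths named by `local:` entries of an include list; other include types are skipped.
def local_includes(node)
  items = node.is_a?(Psych::Nodes::Sequence) ? node.children : [node]
  items.flat_map { |i| pairs(i).select { |k, _| k.value == 'local' }.map { |_, v| v.value } }
end

# Walk a file and its local includes, recording where each variable is set.
def locate_variables(files, path, seen = [])
  path = path.delete_prefix('/')
  return [] if seen.include?(path) || !files.key?(path)
  seen << path
  doc = Psych.parse(files[path])
  pairs(doc ? doc.root : nil).flat_map do |key, value|
    nested = key.value == 'include' ? local_includes(value).flat_map { |p| locate_variables(files, p, seen) } : []
    vars = key.value == 'variables' ? value : pairs(value).find { |k, _| k.value == 'variables' }&.last
    scope = key.value == 'variables' ? 'global' : key.value
    # start_line is 0-based in Psych, so add 1 for an editor-style line number.
    nested + pairs(vars).map { |k, _| { name: k.value, file: path, line: k.start_line + 1, scope: scope } }
  end
end

locate_variables(SAMPLE_FILES, '.gitlab-ci.yml').each do |s|
  puts format('%-20s %s:%d (%s)', s[:name], s[:file], s[:line], s[:scope])
end
```

The same variable name can surface at several locations, here a global value in one file and a job-level override in another, so a UI built on this output still has to decide which occurrence it presents for editing.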