Can't run an on-demand scans in a blank project
When creating a blank project in GitLab, the Git repository is an empty shell without any branch, which makes it impossible to run an on-demand scan, as they need to be associated with a branch. With the recently implemented branch selection feature, this results in an empty ref selector being displayed in the UI, without any options to select from.
This can be seen in the dast-saved-scans-testing
test project: https://gitlab.com/gitlab-org/security-products/dast-saved-scans-testing/-/on_demand_scans/new
What should we do in such case?
- Should we loosen up the restrictions so that a DAST scan can be run without a branch?
- Or block the access to the on-demand scans form altogether as long as no branch exists?
- Something else?
Proposal
- Show error message, directing user to create a repository in order to run a scan
Implementation plan
-
When no default branch is provided to the app, assume that no repository exists and show the error message.
Edited by Paul Gascou-Vaillancourt