Deprecate VALIDATE_SCHEMA CI variable
Deprecation Summary
In GitLab %15.0, validation of security reports against the declared schema version is enforced; see Enforce validation of security reports (&6968).
As part of this change, the VALIDATE_SCHEMA CI variable will no longer be honored.
For all intents and purposes, in GitLab %15.0 the behavior is equivalent to setting VALIDATE_SCHEMA: "true". This means validation is enforced and cannot be turned off.
Breaking Change
The removal of this configuration variable itself is not a breaking change. However, any reports that are currently failing validation will be rejected starting in GitLab %15.0. See decisions in the parent epic for more information.
Once Validate security report artifact against vendo... (#335789 - closed) is delivered, potentially in %14.9 but definitely by %14.10, a new feature flag will be introduced: enforce_security_report_validation. Timeline:
- %14.9 or %14.10: FF introduced; defaults to false.
- %15.0 FF defaults to true.
- %15.3 FF is removed; feature will be on and can no longer be turned off.
While enforce_security_report_validation and VALIDATE_SCHEMA co-exist, this is the defined behavior:
-
enforce_security_report_validationis on:VALIDATE_SCHEMAis ignored. -
enforce_security_report_validationis off:VALIDATE_SCHEMAis honored.
Affected Topology
Both SaaS and self-managed.
Affected Tier
- Ultimate
Checklist
-
@mentionyour stage's stable counterparts on this issue. For example, Customer Support, Customer Success (Technical Account Manager), Product Marketing Manager.- To see who the stable counterparts are for a product team visit product categories
-
@mentionyour GPM so that they are aware of planned deprecations. The goal is to have reviews happen at least two releases before the final removal of the feature or introduction of a breaking change.
Deprecation Milestone
Planned Removal Milestone
%15.0 (variable is ignored)
%15.3 (code is removed)
Links
/cc @matt_wilson