Custom Code Climate configuration file is overwritten by the default template

Summary

I'm trying to configure Code Climate in one of my pipelines, and I'm using the .codeclimate.yml file for this. Once the job starts, however, CodeClimate is not using my custom configuration file.

I've connected to the container running the job via SSH and the contents of that file are quite different from the one I configured.

Steps to reproduce

  1. Create a new project
  2. Add a .codeclimate.yml file that disables some engines and enables another one
version: "2"
plugins:
  csslint:
    enabled: false
  coffeelint:
    enabled: false
  duplication:
    enabled: false
  eslint:
    enabled: false
  fixme:
    enabled: false
  rubocop:
    enabled: false
  tflint:
    enabled: true
  1. Enable code quality scans in your project by adding the following lines to .gitlab-ci.yml 
include:
  - template: Code-Quality.gitlab-ci.yml

code_quality:
  variables:
    CODECLIMATE_DEBUG: "true"
  1. Wait for you pipeline to start (or manually start one)

What is the current bug behavior?

Code Climate's debug log will show these lines:

I, [2023-04-05T13:50:52.474284 #1]  INFO -- : starting engine csslint
...
I, [2023-04-05T13:50:53.084035 #1]  INFO -- : finished engine csslint
I, [2023-04-05T13:50:53.084206 #1]  INFO -- : starting engine coffeelint
...
I, [2023-04-05T13:50:53.684919 #1]  INFO -- : finished engine coffeelint
I, [2023-04-05T13:50:53.685042 #1]  INFO -- : starting engine eslint
I, [2023-04-05T13:50:54.710595 #1]  INFO -- : finished engine eslint
I, [2023-04-05T13:50:54.710705 #1]  INFO -- : starting engine fixme
I, [2023-04-05T13:50:55.366350 #1]  INFO -- : finished engine fixme
I, [2023-04-05T13:50:55.366461 #1]  INFO -- : starting engine rubocop
...
I, [2023-04-05T13:51:00.072525 #1]  INFO -- : finished engine rubocop

What is the expected correct behavior?

The engines in the log above should never run as they were explicitly disabled. The only enabled engine should run but it's not.

Relevant logs and/or screenshots

This is what I can see if I SSH directly into my runner, which is not what I've set in my repo:

root@my-runner:/builds/code/my-project# cat .codeclimate.yml
---
version: "2"
plugins:
  csslint:
    enabled: true
  coffeelint:
    enabled: true
  duplication:
    enabled: true
    config:
      languages:
        - ruby
        - javascript
        - python
        - php
  eslint:
    enabled: true
    channel: "stable"
  fixme:
    enabled: true
  rubocop:
    enabled: true
    channel: rubocop-0-92
exclude_patterns:
  - config/
  - db/
  - dist/
  - features/
  - "**/node_modules/"
  - script/
  - "**/spec/"
  - "**/test/"
  - "**/tests/"
  - Tests/
  - "**/vendor/"
  - "**/*_test.go"
  - "**/*.d.ts"
  - "**/*.min.js"
  - "**/*.min.css"
  - "**/__tests__/"
  - "**/__mocks__/"

Output of checks

Results of GitLab environment info

Not relevant, the issue is related to https://gitlab.com/gitlab-org/security-products/codequality but the issue tracker is being moved here.

Results of GitLab application Check

Not relevant, the issue is related to https://gitlab.com/gitlab-org/security-products/codequality but the issue tracker is being moved here.

Possible fixes