Support YAML anchors/aliases when configuring security via MR

Proposal

Support use of anchors/aliases in existing .gitlab-ci.yml when configuring security via Merge Request.

Problem

For customers that want to enable security via MR with existing .gitlab-ci.yml files using anchors/aliases, they receive an error and are unable to continue in the UI.

Currently we handle Psych::BadAlias exception when parsing YAML by raising CiContentParseError with the text:

.gitlab-ci.yml with aliases/anchors is not supported. Please change the CI configuration manually.

In some cases like configuring SAST, this error text is not returned. To understand the problem, GitLab Support needed to track the error in Sentry: https://gitlab.com/gitlab-org/gitlab/-/blob/afe737de5b3f59af60e92d1cc2296e20a6c5ad95/app/services/security/ci_configuration/base_create_service.rb#L43

History

The specific handling of this error was introduced as part of this MR. The screenshots in the MR for "SAST" matches the errors you see in the UI: !107984 (merged)

We have added documentation that somewhat addresses this limitation: https://docs.gitlab.com/ee/user/application_security/sast/#configure-sast-with-customizations

The configuration tool works best with no existing .gitlab-ci.yml file, or with a minimal configuration file. If you have a complex GitLab configuration file it may not be parsed successfully, and an error may occur.