Support exit codes in Security Policies

Release notes

Problem to solve

When an issue occurs with an analyzer, we may expect the analyzer to behave in a number of different ways. Policies expect an artifact to be produced for security scanners, and if they do not exist, the default state of failing closed results in blocking the MR and requiring approval.

Intended users

User experience goal

Proposal

In order to improve compatibility with GitLab analyzers, introduce a means for handling exit codes within policies to affect the resulting actions. This allows for smoother handling of failure cases from security analyzers and to choose behaviors in policy actions based on those exit codes.

Further details

Permissions and Security

Documentation

Availability & Testing

Available Tier

Feature Usage Metrics

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

What is the competitive advantage or differentiation for this feature?

Links / references

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.