Add SAST scan API endpoint
Problem to solve
To perform security scans from the IDE in real-time, we intend to use a REST API endpoint.
The endpoint is available only to Ultimate customers, and although this change supports both SaaS and Self-managed instances, cloud connector doesn't currently support Ultimate only, non-addon Self-managed unit primitives.
Note: according to https://handbook.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#when-to-use-feature-flags, we are adding the endpoint without a feature flag.
Proposal
- add an Ultimate only feature
- add a project policy limits to developers, maintainers, and owners
- add a new service and scope to cloud connector
access_data.ymlwith no cut_off_data - add endpoint handler of
POST /projects/:id/security/scan- relay file path and content to CC backend
- add tests
- add documentation
Edited by Jason Leasure