Handle YAML parsing error in SAST config mutation (!107984) · Merge requests · GitLab.org / GitLab

Arpit Gogia requested to merge patch-sast-config-error-1653 into master Jan 03, 2023

What does this MR do and why?

Gracefully handles a YAML parsing error possible while modifying the CI config to add Secure feature specific snippet.

The exception handling is done for the following Secure features:

Secret Detection
SAST
Dependency Scanning
Container Scanning

Relevant issue: #386852 (closed)

Screenshots or screen recordings

Secret Detection

SAST

Dependency Scanning

Container Scanning

How to set up and validate locally

Create a new repository and add some files to it.
Within the repository create a .gitlab-ci.yml. Specifically, add at least one anchor/alias to it. Check below for an example.
Go to "Security and Compliance" > "Configuration". Choose "Enable SAST" and on the next screen, "Create merge request"
Doing so will lead to an error visible in the network logs. The HTTP status will be 200.

Example .gitlab-ci.yml with anchor and alias

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jan 04, 2023 by Arpit Gogia

Handle YAML parsing error in SAST config mutation

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports