
Allow scan execution policies to create pipelines

Merged Marcos Rocha requested to merge mc_rocha-test-scan-create-pipeline into master
1 file
+ 25
7
@@ -10,14 +10,14 @@ class Content < Chain::Base
include ::Gitlab::Utils::StrongMemoize
def perform!
puts '########create_pipelines Content perform!########'
#logger.info('########Here########')
if pipeline_config&.exists?
@pipeline.build_pipeline_config(content: pipeline_config.content)
@command.config_content = pipeline_config.content
@pipeline.config_source = pipeline_config.source
@command.pipeline_config = pipeline_config
config = pipeline_config
config = merge_security_policies(config) if security_policies_enabled?
build_pipeline_config(config)
elsif security_policies_enabled?
security_policies_config = {}
security_policies_config = merge_security_policies(security_policies_config)
build_pipeline_config(security_policies_config)
else
error('Missing CI config file')
end
@@ -29,6 +29,24 @@ def break?
private
def build_pipeline_config(pipeline_config)
@pipeline.build_pipeline_config(content: pipeline_config.content)
@command.config_content = pipeline_config.content
@pipeline.config_source = pipeline_config.source
@command.pipeline_config = pipeline_config
end
def security_policies_enabled?
Feature.enabled?(:scan_execution_policy_pipeline, project) && project&.feature_available?(:security_orchestration_policies)
end
def merge_security_policies(config)
::Gitlab::Ci::Config::SecurityOrchestrationPolicies::Processor.new(config,
project,
@pipeline.ref,
pipeline_config.source).perform
end
def pipeline_config
strong_memoize(:pipeline_config) do
::Gitlab::Ci::ProjectConfig.new(
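Review bot: In the `elsif security_policies_enabled?` branch of `perform!`, `merge_security_policies` still dereferences `pipeline_config.source`, but that branch is reached only when `pipeline_config` is nil or does not exist (the `if` uses `pipeline_config&.exists?`). A nil config would therefore raise NoMethodError on the very path meant to create a policy-only pipeline; at minimum the call should read `pipeline_config&.source`. The same branch seeds the merge with a plain `{}` and passes the result to `build_pipeline_config`, which calls `.content` and `.source` on it, so unless `Processor#perform` returns a config object rather than a Hash (not visible here) that call fails as well. It is also worth deciding explicitly whether a failed policy merge should abort the pipeline or let it run without the mandated scans. Separately, the `puts '########create_pipelines Content perform!########'` line and the commented-out `#logger.info` should be removed before merge; the body of `pipeline_config` continues outside the hunk.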