Clarify configure SAST with customizations docs

What does this MR do and why?

While investigating https://gitlab.com/gitlab-com/sec-sub-department/section-sec-request-for-help/-/issues/357+s, I consulted the Configure SAST with customizations docs and noticed that they're incorrect.

The docs currently explain:

1. If the project does not have a `.gitlab-ci.yml` file, select **Enable SAST** in the Static
   Application Security Testing (SAST) row, otherwise select **Configure SAST**.

These docs indicate that if a `.gitlab-ci.yml` file is present, the button will show Configure SAST; however, this is not the case. In order for the button to show Configure SAST "[the latest] pipeline must have been successfully executed and generated valid artifacts" for the SAST scanner to be considered enabled, as explained in Fix text about Ultimate features and clarify co... (!100015 - merged) • Sam White • 15.5.

This MR clarifies the condition required for the button to show Enable SAST or Configure SAST.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

| Before | After |
| --- | --- |
| Screenshot_2024-08-22_at_2.17.11_PM | Screenshot_2024-08-22_at_2.19.07_PM |
Edited by Adam Cohen