Allow artifacts from Application Security Testing template to be downloaded

What does this MR do and why?

Allow artifacts from devops::application security testing templates to be downloaded. This is also a workaround for release evidence requirements.

This is already the case with certain templates, such as container scanning and dependency scanning.

This MR adds artifacts:paths to all AST templates that don't already have it.

References

Include Artifacts:Path in SAST Template for Rel... (#544923 - closed)


How to set up and validate locally

  1. Run a pipeline using any of the modified templates.
    1. Current template: https://gitlab.com/gitlab-org/secure/tests/thiagocsf-secure-tests/juice-shop/-/jobs/10146942485
    2. New template: https://gitlab.com/gitlab-org/secure/tests/thiagocsf-secure-tests/juice-shop/-/jobs/10146961633
    3. CI config: gitlab-org/secure/tests/thiagocsf-secure-tests/juice-shop@a92e0f75
  2. Verify that:
    1. Job log shows artifact upload as archive in addition to the report type (e.g. sast): Uploading artifacts as "archive"
    2. Job artifacts show the Keep/Download/Browse buttons for the artifact uploaded.
  3. (optional) Create a release, then verify that the evidence includes the artifact(s) above
    1. Example for gl-sast: https://gitlab.com/gitlab-org/secure/tests/thiagocsf-secure-tests/juice-shop/-/releases/v17.1.1-test1

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #544923 (closed)

Edited by Thiago Figueiró
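
The difference this MR describes, as an added illustration that is not taken from the MR diff or from the GitLab templates: a file listed only under `artifacts:reports` is uploaded as a report type, while listing it under `artifacts:paths` as well uploads it as a regular archive that can be kept, downloaded and browsed. The job names and the analyzer command are hypothetical, and `gl-sast-report.json` is assumed as the report file name, following the gl-sast example in the validation steps.

```yaml
# Illustrative jobs only; names, stage and script are hypothetical.

# Before: the report is uploaded only as the "sast" report type.
# The job log shows: Uploading artifacts as "sast"
example-sast-before:
  stage: test
  script:
    - ./run-analyzer --output gl-sast-report.json   # hypothetical analyzer command
  artifacts:
    reports:
      sast: gl-sast-report.json

# After: the same file is also listed under artifacts:paths, so the
# job log additionally shows: Uploading artifacts as "archive"
# and the job page offers Keep/Download/Browse for it.
example-sast-after:
  stage: test
  script:
    - ./run-analyzer --output gl-sast-report.json   # hypothetical analyzer command
  artifacts:
    reports:
      sast: gl-sast-report.json
    paths:
      - gl-sast-report.json
```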
