Fix the error when enabling security scans with a MR

Marcos Rocharequested to merge
mc_rocha-fix-error-enable-security-scans-mr-ci-reference into master

What does this MR do and why?

This MR updates the Security::CiConfiguration::BaseCreateService to load the existing CI content using Gitlab::Ci::Config::Yaml.load!. as recommended in this comment.

This change resolves the issue that prevented projects with existing CI files containing the !reference tag from enabling security scans using the Security configuration Configure with a merge request feature.

It appears that this also enables projects with existing CI that contain YAML anchors to utilize the Configure with a merge request feature.

References

Related to: #368951

Screenshots or screen recordings

Before After
Screenshot_2025-07-15_at_4.18.44_PM Screenshot_2025-07-15_at_4.18.28_PM

How to set up and validate locally

  1. Create a new group
  2. Create a new project in the group
  3. Add a file templates/.gitlab-ci-example1.yml with the content:
.check-variable-bash:
  script:
    - echo creating environment
  1. Create another project in the group
  2. Add a .gitlab-ci.yml file with the content:
include:
  - project: '<group/project-created-on-step-2>'
    file: '/templates/.gitlab-ci-example1.yml'

test:
  script:
    - !reference [.check-variable-bash, script]
  1. Go to Secure > Security configuration
  2. Go to the Dependency Scanning section
  3. Click on Configure with a merge request
  4. Verify that a new MR is created

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Marcos Rocha

Merge request reports