feat: Add SAST.latest and Secret-Detection.latest templates
What does this MR do and why?
Introduces SAST.latest.gitlab-ci.yml
and Secret-Detection.latest.gitlab-ci.yml
templates.
These templates are currently identical to the stable ones except for support for Merge Request Pipelines
Relates to #352058 (closed) and #217668 (closed)
Note that we may want to perform some additional changes in the templates prior to publicly announcing their availability (including expanding these to the remaining devopssecure templates), so this MR leaves off any additional documentation in the meantime.
How to set up and validate locally
include:
- template: SAST.latest.gitlab-ci.yml
- template: Secret-Detection.latest.gitlab-ci.yml
Example pipelines
Testing against: https://gitlab.com/theoretick/secrets-mr-pipelines/-/merge_requests/1
-
✅ default branch commit event triggering Basic Branch Pipeline: https://gitlab.com/theoretick/secrets-mr-pipelines/-/pipelines/484918770/builds -
✅ feature branch commit event triggering Basic Branch Pipeline: https://gitlab.com/theoretick/secrets-mr-pipelines/-/pipelines/484919365/builds -
✅ merge request event (Open MR) triggering Merge Request Pipeline: https://gitlab.com/theoretick/secrets-mr-pipelines/-/pipelines/484919584/builds -
✅ additional branch commit triggering single Merge Request Pipeline (no duplicates): https://gitlab.com/theoretick/secrets-mr-pipelines/-/pipelines/484920722
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Lucas Charles