Restore DS_ANALYZER_NAME for deprecated jobs

Merged Olivier Gonzalez requested to merge gonzoyumo-master-patch-56851 into master

What does this MR do and why?

CI configs using the removed jobs bundler-audit and retire.js might have an unexpected failure, as the job definition will not point to the right location for the Docker image to be downloaded.

This doesn't harm pipelines as the job is allowed to fail.

This problem was introduced with this MR: !87563

Here's an example: https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning/-/jobs/2470461129


Activity

  • Olivier Gonzalez resolved all threads

  • Fabien Catteau approved this merge request

  • :wave: @fcatteau, thanks for approving this merge request.

    This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.

    For more info, please refer to the following links:

  • Allure report

    allure-report-publisher generated test report!

    review-qa-blocking: :exclamation: test report for 78f01b7f

    +-------------------------------------------------------------------+
    |                          suites summary                           |
    +----------------------+--------+--------+---------+-------+--------+
    |                      | passed | failed | skipped | flaky | result |
    +----------------------+--------+--------+---------+-------+--------+
    | Verify               | 12     | 0      | 1       | 6     | ❗     |
    | Plan                 | 41     | 0      | 1       | 9     | ❗     |
    | Create               | 24     | 0      | 2       | 8     | ❗     |
    | Manage               | 34     | 0      | 2       | 8     | ❗     |
    | Configure            | 0      | 0      | 1       | 0     | ➖     |
    | Protect              | 2      | 0      | 0       | 2     | ❗     |
    | Package              | 0      | 0      | 1       | 0     | ➖     |
    | Version sanity check | 0      | 0      | 1       | 0     | ➖     |
    +----------------------+--------+--------+---------+-------+--------+
    | Total                | 113    | 0      | 9       | 33    | ❗     |
    +----------------------+--------+--------+---------+-------+--------+
  • Igor Frenkel approved this merge request

  • Thanks for making this MR @gonzoyumo - I re-ran the edge-case tests collected over the past week using the template from this MR and all pass:

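    +------------------------------------+------------------------------------------+--------------------+
    | test                               | pipeline                                 | MR status          |
    +------------------------------------+------------------------------------------+--------------------+
    | normal DS detection                | tests/ruby-bundler/-/pipelines/542113448 | :white_check_mark: |
    | custom stage for DS                | tests/ruby-bundler/-/pipelines/542100105 | :white_check_mark: |
    | removed job w/o script section     | tests/ruby-bundler/-/pipelines/542119327 | :white_check_mark: |
    | retire.js sanity check             | tests/js-npm/-/pipelines/542117041       | :white_check_mark: |
    | bundler-audit job w/script section | tests/ruby-bundler/-/pipelines/542102785 | :white_check_mark: |
    +------------------------------------+------------------------------------------+--------------------+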

    The last test row is the one that fails without the current MR (e.g. using the master template):

    Edited by Igor Frenkel
    • Resolved by Igor Frenkel

      @gonzoyumo one non-blocking suggestion: Perhaps it's better to use a generic image (like ruby or alpine) rather than the bundler-audit one since we might run into another failure if that image goes away. If someone overrides the image then they keep using the analyzer. If it's just the job they get the error message. WDYT?

  • Tetiana Chupryna approved this merge request

  • requested review from @hfyngvason

  • Tetiana Chupryna removed review request for @brytannia
