Skip to content

Skips security issues with invalid yaml

Mawreen Dela Cruz requested to merge skips-security-issues-with-invalid-yaml into master

What does this MR do and why?

Describe in detail what your merge request does and why.

To prevent the security_release_release_preparation:blog_postCI job to fail when the security issue contains an invalid CVE YAML file. Instead it should be skipped in the job with a message stating that it was skipped because the CVE was invalid. In the generated blog post content, the security issue with invalid CVE will still be included with a TODO which can be updated by the assigned AppSec.

Related issue: gitlab-com/gl-infra/delivery#19919 (closed)

Content

  • Add a logic to skip issues with invalid yaml files and add test case for it.
  • Add logger warning to denote that the security issue with invalid CVE YAML is skipped

Author Check-list

  • Has documentation been updated?
Edited by Mawreen Dela Cruz

Merge request reports