Support remote custom configs
What does this MR do?
Refactors the code slightly to pass a pointer to the ruleset back to the command/run.go file that manages the running of the scanner and reporting.
This allows the report module to use the same ruleset without re-cloning it from the remote git repo.
This change depends on changes to the ruleset and command modules too.
What are the relevant issue numbers?
Testing
To test this, since it requires multiple modules, we need to do some tricksy work:
- Checkout the
425730_eurie_remote_ruleset_not_applied_during_report_generationbranch forkics - Then create a
modulesfolder in the cloned director - In the
modulesfolder clone the425730_eurie_remote_ruleset_not_applied_during_report_generationbranch for thecommand,report, andrulesetmodules. - In the top-level
kicsdirectory we're going to start a go workspace:go work init .go work use modules/command modules/ruleset
- Clone the test project into
qa/fixtures:git@gitlab.com:jfarmiloe/sast-remote-config-issue.git - Make sure there's no
cast-ruleset.tomlin that project's.gitlabfolder (there was when I cloned it) - Now run
analyzer-build - Run
analyzer-debug qa/fixtures/sast-remote-config-issue - In the debug container, set the following environment variables
GITLAB_FEATURES=sast_custom_rulesetsSAST_RULESET_GIT_REFERENCE=gitlab.com/jfarmiloe/sast-remote-config-issue-rules
- Run the
kicsanalyzer via:/analyzer run - Verify that there are no results in the resulting
/tmp/app/gl-sast-report.jsonfiles
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests updated/added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Lucas Charles