
Fix: do not update file passthrough value for local ruleset

Craig Smith requested to merge craigmsmith-fix-local-rulesets into main

What does this MR do?

As part of SAST/SD: Shared remote ruleset configuration is... (gitlab-org/gitlab#425730 - closed) • Ethan Urie • 17.0, ruleset was updated to fix a bug affecting remote custom rulesets, causing the remote ruleset to be ignored by the scanner.

In Support remote custom config (!27 - merged) • Ethan Urie • 17.0, the Config.Path is changed so that it's set to equal rulesetPath. This change fixes remote custom rulesets but also affects PassthroughFile. Config.Path is prepended to the Passthrough.Target. In most cases this doesn't matter, as passthroughs are only available in semgrep and the removed scanner nodejs scan.

Updating the Passthrough.Target results in the target not being found, as shown in this pipeline:

read file passthrough: open /app/.gitlab/sast-ruleset.toml/foo.yml: not a directory

The MR restricts updating Passthrough.Target to only remote rulesets.

What are the relevant issue numbers?

gitlab-org/gitlab#458845 (closed)

Does this MR meet the acceptance criteria?

Edited by Lucas Charles
