Fix: do not update file passthrough value for local ruleset
What does this MR do?
As part of SAST/SD: Shared remote ruleset configuration is... (gitlab-org/gitlab#425730 - closed) • Ethan Urie • 17.0, ruleset was updated to fix a bug affecting remote custom rulesets, causing the remote ruleset to be ignored by the scanner.
In Support remote custom config (!27 - merged) • Ethan Urie • 17.0, the Config.Path
is changed so that it's set to equal rulesetPath
. This change fixes remote custom rulesets, but, also affects PassthroughFile
. Config.Path
is prepended to the Passthrough.Target
. In most cases, this doesn't matter as passthroughs
are only available in semgrep and the removed scanner nodejs scan.
Updating the Passthrough.Target
results in the target note being found, as shown in this pipeline
read file passthrough: open /app/.gitlab/sast-ruleset.toml/foo.yml: not a directory
The MR restricts updating Passthrough.Target
to only remote rulesets.
What are the relevant issue numbers?
gitlab-org/gitlab#458845 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests updated/added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer