Control Build tool logging based on `SECURE_LOG_LEVEL` variable
What does this MR do?
Build tools like Maven, Gradle, and SBT do not follow consistency in printing error content into the “error” stream of the console. Some older versions of Maven/Gradle follow it, whereas newer versions print on the regular Output stream. This causes Spotbugs to skip error Stacktrace for some of the projects as it is referring only to the error console stream.
The fail-safe way is to control the Logging Level (via CLI arg) of the build tool via the command line so that it logs based on the level we have passed in the SECURE_LOG_LEVEL
variable value.
What are the relevant issue numbers?
gitlab-org/gitlab#322832 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Auto-DevOps template (also in CE) -
Job definition example -
CI Templates (to be removed) -
Vendored CI Templates (also in CE)
-
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Vishwa Bhat