Draft: Add process and resolve vulnerabilities job template for security rotation process
What does this MR do?
Add the following templates, which can be used in individual projects as part of the security reaction rotation:
- `.security-triage-automation-process-vulnerabilities` runs the process vulnerabilities method from the security-triage-automation tool.
- `resolve-comp-analysis-vulnerability-issues` runs the resolve vulnerabilities method from the security-triage-automation tool.
In the respective project we can use the template like this:
```yaml
process-security-triage-vulnerabilities:
  variables:
    CUSTOM_LABELS: "--custom-labels=group::composition analysis"
    INCLUDE_NON_FIPS: "--include-non-fips"
    PROJECT_PATH: "gitlab-org/security-products/analyzers/gemnasium"
  extends:
    - .security-triage-automation-process-vulnerabilities
  rules:
    - if: '$TRIGGER_CA_PROCESS_SECURITY_ISSUES && $CI_PIPELINE_SOURCE == "schedule"'
      when: always
```
What are the relevant issue numbers?
Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/413771
Does this MR meet the acceptance criteria?
Labels: section::sec, devops::secure, group::composition analysis, backend, type::maintenance
Edited by Shao Ming Tan