ci: automatically assign missing priority labels to ruleset issues
What does this MR do?
Introduces a new CI script that fetches SASTRuleset issues on gitlab-org/gitlab with missing ~SAST::Ruleset::P* priority label. The script attempts to find references to either a community rule, or a rule in this project, to fetch the rule YAML and assign a priority label based on the rule's severity:
- ERROR -> SAST::RulesetP2
- WARNING -> SAST::RulesetP3
- INFO -> SAST::RulesetP4
- Other -> SAST::RulesetP4
The MR also introduces a CI job and a new maintenance stage which will be set up to run the script on a daily schedule.