ci: automatically assign missing priority labels to ruleset issues (!451) · Merge requests · GitLab.org / security-products / sast-rules

Michael Henriksen requested to merge feat/ci-issues-assign-severities into main Mar 06, 2024

What does this MR do?

Introduces a new CI script that fetches SASTRuleset issues on gitlab-org/gitlab with missing ~SAST::Ruleset::P* priority label. The script attempts to find references to either a community rule, or a rule in this project, to fetch the rule YAML and assign a priority label based on the rule's severity:

ERROR -> SAST::RulesetP2
WARNING -> SAST::RulesetP3
INFO -> SAST::RulesetP4
Other -> SAST::RulesetP4

The MR also introduces a CI job and a new maintenance stage which will be set up to run the script on a daily schedule.

ci: automatically assign missing priority labels to ruleset issues

What does this MR do?

Merge request reports