Fix: Include bap-generate-stage (!506) · Merge requests · GitLab.org / security-products / sast-rules

Julian Thome requested to merge jthome/fix-ci-include-bap-generate-stage into main Apr 02, 2024

What does this MR do?

Currently our pipeline is red; this change is supposed to fix the CI pipeline issue: 'bap-analysis-trigger-analysis' job needs 'bap-analysis-generate-work' job, but 'bap-analysis-generate-work' is not in any previous stage by introducing a dedicated stage.

What are the relevant issue numbers?

This is a follow-up MR of !505 (merged).

Does this MR meet the acceptance criteria?

The test cases cover both positive and negative cases and are also annotated with appropriate semgrep annotations:
- For positive cases: // ruleid: ...
- For negative cases: // ok: ....
Following metadata fields exist for the rule(s) added/updated in this MR:
- owasp with both 2017 and 2021 mappings.
- category: "security"
- cwe
- shortDescription
- security-severity
The message field is valid and contains a secure code example.
Applicable license is mentioned in the rule if embedded/taken from external source.
Relevant labels including workflow labels are appropriately selected.

Edited Apr 02, 2024 by Julian Thome

Fix: Include bap-generate-stage

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports