Legit-Labs/legitify

Gitlab group license discovery fails with 1.0.8

tvannahl opened this issue · 2 comments

TL;DR

When executing legitify v1.0.8 against a premium repository, the license discovery fails and findings are being skipped.

Expected behavior

All policies are being scanned with a premium Gitlab license

Observed behavior

Some policies are being skipped due to "unmet prerequisite".

Version

1.0.8

On which operating system are you using legitify?

Linux

Relevant log output

error.log:
2024/05/23 14:30:02 2024/05/23 14:30:02 failed to get namespace for group mygroup/batcave/personal-project didn't find namespace for mygroup

permissions_log.json:
{
  "missing_permissions": {},
  "skipped_policies": {
    "code_review_by_two_members_not_required": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "code_review_not_required": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "missing_default_branch_protection": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "missing_default_branch_protection_force_push": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "no_signed_commits": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_allows_committer_approvals_policy": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_allows_overriding_approvers": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_dismiss_stale_reviews": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_require_code_owner_reviews_policy": {
      "CI CD-Security": "Unmet prerequisite: premium"
    }
  }
}{
  "missing_permissions": {},
  "skipped_policies": {
    "code_review_by_two_members_not_required": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "code_review_not_required": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "missing_default_branch_protection": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "missing_default_branch_protection_force_push": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "no_signed_commits": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_allows_committer_approvals_policy": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_allows_overriding_approvers": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_dismiss_stale_reviews": {
      "CI CD-Security": "Unmet prerequisite: premium"
    },
    "repository_require_code_owner_reviews_policy": {
      "CI CD-Security": "Unmet prerequisite: premium"
    }
  }
}

Additional information

Tested with v1.0.7, where everything works as expected. Tests executed in Fedora 39.

Additionally tested and verified on macOS.

Hi @tvannahl!
Could you share the command you used to run legitify?

We're using legitify analyze --scm gitlab --repo {path} with SCM_TOKEN set and executed within a GitLab CI/CD pipeline.
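
An added example, not part of the issue thread and not legitify's own code: a CI check that reads a permissions_log.json of the shape shown in the report, including JSON objects written back to back, and fails the job when any policy was skipped, so a scan that dropped checks is not read as a clean result. The sample log is constructed and the function names are hypothetical.

```python
import json

# Constructed sample in the shape of the permissions_log.json from the report:
# two JSON objects written back to back with no separator between them.
SAMPLE_LOG = (
    '{"missing_permissions": {}, "skipped_policies": {'
    '"no_signed_commits": {"CI CD-Security": "Unmet prerequisite: premium"}}}'
    '{"missing_permissions": {}, "skipped_policies": {'
    '"code_review_not_required": {"CI CD-Security": "Unmet prerequisite: premium"},'
    '"no_signed_commits": {"CI CD-Security": "Unmet prerequisite: premium"}}}'
)


def iter_json_objects(text):
    """Yield each top-level JSON value from text holding several concatenated ones."""
    decoder = json.JSONDecoder()
    pos = 0
    while pos < len(text):
        # raw_decode does not accept leading whitespace, so skip it first.
        while pos < len(text) and text[pos].isspace():
            pos += 1
        if pos >= len(text):
            break
        obj, pos = decoder.raw_decode(text, pos)
        yield obj


def skipped_by_reason(text):
    """Map each skip reason to the sorted, de-duplicated policy names it affected."""
    reasons = {}
    for record in iter_json_objects(text):
        for policy, targets in record.get("skipped_policies", {}).items():
            for reason in targets.values():
                reasons.setdefault(reason, set()).add(policy)
    return {reason: sorted(names) for reason, names in reasons.items()}


def gate(text):
    """Return a process exit code: 1 if any policy was skipped, else 0."""
    skipped = skipped_by_reason(text)
    for reason, policies in skipped.items():
        print(f"{reason}: {len(policies)} skipped: {', '.join(policies)}")
    return 1 if skipped else 0


if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_LOG))
```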