Configure SAST in UI - Create Merge Request fails

A developer on my team was able to add SAST to an existing project following the documentation here: Configure SAST Manually

We were having some issues with reporting after setting that up, so we wanted to see how it would be configured if we used the GitLab UI, then compare the result. We followed the instructions for “Configure SAST in the UI” in that same article, immediately below Configure SAST Manually; we have GitLab Ultimate accounts so the option is available to us.

The first screen shows a button for SAST named “Enable”. I was expecting to see a “Configure” button according to the documentation, but I went ahead and chose Enable.

The next screen is quite simple, with several prefilled fields and a Create Merge Request button at the bottom. We followed the instructions, accepted all the defaults, and our project indeed has a .gitlab-ci.yml file. When we click Create Merge Request, we get the following generic error message…

An error occurred while creating the merge request.

Behind the scenes, we can see that it created a branch for us named “set-sast-config-1” from master, but there are no commits in the branch.

Has anyone run into this issue?

I am a relatively new GitLab user so I will not be surprised if I am overlooking something simple.

Hi @philjsmith67

I know your post was from over a year ago, but do you know if/how you managed to resolve this? I’m getting the same issue too, and not quite sure why a merge request is being created in the first place. I was assuming the new branch that was automatically created injected adds some config files but I can’t see any new files in the branch either, on top of the fact that the button just shows the same error as yours.

Any help would be appreciated.

Dafydd

I do see this in the documentation

The configuration tool works best with no existing .gitlab-ci.yml file, or with a minimal configuration file. If you have a complex GitLab configuration file it may not be parsed successfully, and an error may occur.

I’m guessing that’s what the problem is, but my pipeline file is super simple (I’m new to gitlab pipelines), and have no idea where it’s struggling!

OK so given what I posted earlier, I saved a copy of my pipeline file, removed the existing pipeline file from main (I was in a test project so there was no issue with this), created the merge request (which created a new pipeline file with reference to a new sast job and some other necessary settings) and merged into main.

I then copied in the contents of my previous pipeline file and rejigged some of the stages and it worked fine.

If the logic to parse the pipeline file isn’t working on a pretty simplistic file, GitLab should really just get that button to display a copyable fragment of text that someone can add manually.

My apologies for not responding sooner.

Our workaround which is now our normal process is to just ignore the UI and configure the CI in YAML. Preferably, projects just use a CI template with SAST configured already. In fact the only reason we attempted to use the UI was to see if there is something GitLab does for us that we should consider doing in YAML ourselves.