External Pipeline Validation

I’m trying to do a security check for pipelines and came across this feature in the admin docs: External pipeline validation | GitLab

It seems pretty interesting, but I don’t get how to use it. In the configuration part it just says “Set the EXTERNAL_VALIDATION_SERVICE_URL to the external service url.” But I can’t find that option anywhere nor a variable in the gitlab.rb file. I’m using a local omnibus for testing. Is this feature still supported at all?

Hi,

the docs say it is experimental, so I’d say it is not officially supported and just some iterative feature test.

From reading the merge request source code, I’d guess that this allows to validate CI configuration in a certain way.

Cheers,
Michael

Although it’s not officially supported, do you have any idea how to use it or where to enable that option?

Hi,

unfortunately not, I just read the source after googling a bit for it. I could imagine that this lives for implementing future features and do some PoC tests. GitLab’s development process lives in short iterations that’s likely why this feature already exists without a specific purpose.

@Linds could you maybe ask PMs about the purpose of this feature please? :slight_smile:

Cheers,
Michael