Update file sast.yml

templates/sast.yml

@@ -43,7 +43,7 @@ spec:
     SAST_EXCLUDED_PATHS: "$DEFAULT_SAST_EXCLUDED_PATHS"
     COMPILE: $[[ inputs.use_precompiled_artifacts ]]
   dependencies: $[[ inputs.spotbugs_dependencies ]]
-    script:
+  script:
     - /analyzer run
   artifacts:
     access: 'developer'
@@ -130,10 +130,6 @@ spec:
     - '**/application*.yaml'
     - '**/bootstrap*.yaml'
 
-.pmd-apex-exist-rules:
-  exists:
-    - '**/*.cls'
-
 gitlab-advanced-sast:
   extends: .sast-analyzer
   image:
@@ -191,23 +187,9 @@ pmd-apex-sast:
   rules:
     - if: '"$[[ inputs.excluded_analyzers ]]" =~ /pmd-apex/'
       when: never
-    
-    # The following 3 blocks of rules define whether the job runs in a an *MR pipeline* or a *branch pipeline*
-    # when an MR exists. If the job has additional rules to observe they should be added in the blocks 1 and 3
-    # to cover both the *MR pipeline* and the *branch pipeline* workflows.
-
-    # 1. Run the job in an *MR* pipeline if MR pipelines for AST are enabled and there's an open merge request.
-    - if: '"$[[ inputs.enable_mr_pipelines ]]" == "true" &&
-          $CI_PIPELINE_SOURCE == "merge_request_event"'
-      exists: !reference [.pmd-apex-exist-rules, exists]
-
-   # 2. Don't run the job in a *branch pipeline* if *MR pipelines* for AST are enabled and there's an open merge request.
-    - if: '"$[[ inputs.enable_mr_pipelines ]]" == "true" &&
-          $CI_OPEN_MERGE_REQUESTS'
-      when: never
-    # 3. Finally, run the job in a *branch pipeline* (When MR pipelines are disabled for AST, or it is enabled but no open MRs exist for the branch).
     - if: $CI_COMMIT_BRANCH
-      exists: !reference [.pmd-apex-exist-rules, exists]
+      exists:
+        - '**/*.cls'
 
 security-code-scan-sast:
   extends: .sast-analyzer