Merge branch 'rename-sast-major-version' into 'master'

Rename MAJOR_VERSION to ANALYZER_IMAGE_TAG in SAST See merge request gitlab-org/gitlab!19782

Merge branch 'rename-sast-major-version' into 'master'
Rename MAJOR_VERSION to ANALYZER_IMAGE_TAG in SAST See merge request gitlab-org/gitlab!19782
3d783547 · Jan Provaznik · bb233bc4 · c08dc2b8 · 3d783547 · 3d783547
Commit 3d783547 authored Nov 11, 2019 by Jan Provaznik
Showing with 15 additions and 16 deletions

doc/user/application_security/sast/index.md doc/user/application_security/sast/index.md +1 -2

lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml +14 -14

No files found.
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -196,8 +196,7 @@ The following are Docker image-related variables.
 |------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `SAST_ANALYZER_IMAGES`       | Comma separated list of custom images. Default images are still enabled. Read more about [customizing analyzers](analyzers.md). Not available when [Docker in Docker is disabled](#disabling-docker-in-docker-for-sast). |
 | `SAST_ANALYZER_IMAGE_PREFIX` | Override the name of the Docker registry providing the default images (proxy). Read more about [customizing analyzers](analyzers.md).                                                                                    |
-| `SAST_ANALYZER_IMAGE_TAG`    | Override the Docker tag of the default images. Read more about [customizing analyzers](analyzers.md). Not available when [Docker in Docker is disabled](#disabling-docker-in-docker-for-sast).                           |
-| `SAST_MAJOR_VERSION`         | Override the Docker tag of the default images. Only available when [Docker in Docker is disabled](#disabling-docker-in-docker-for-sast).                                                                                 |
+| `SAST_ANALYZER_IMAGE_TAG`    | Override the Docker tag of the default images. Read more about [customizing analyzers](analyzers.md).                                                                                                                    |
 | `SAST_DEFAULT_ANALYZERS`     | Override the names of default images. Read more about [customizing analyzers](analyzers.md).                                                                                                                             |
 | `SAST_DISABLE_DIND`          | Disable Docker in Docker and run analyzers [individually](#disabling-docker-in-docker-for-sast).                                                                                                                         |
 | `SAST_PULL_ANALYZER_IMAGES`  | Pull the images from the Docker registry (set to 0 to disable). Read more about [customizing analyzers](analyzers.md). Not available when [Docker in Docker is disabled](#disabling-docker-in-docker-for-sast).          |

--- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
@@ -7,7 +7,7 @@
 variables:
  SAST_ANALYZER_IMAGE_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
  SAST_DEFAULT_ANALYZERS: "bandit, brakeman, gosec, spotbugs, flawfinder, phpcs-security-audit, security-code-scan, nodejs-scan, eslint, tslint, secrets, sobelow, pmd-apex"
-  SAST_MAJOR_VERSION: 2
+  SAST_ANALYZER_IMAGE_TAG: 2
  SAST_DISABLE_DIND: "false"

 sast:
@@ -61,7 +61,7 @@ sast:
 bandit-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/bandit:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/bandit:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -71,7 +71,7 @@ bandit-sast:
 brakeman-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/brakeman:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/brakeman:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -81,7 +81,7 @@ brakeman-sast:
 eslint-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/eslint:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/eslint:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -91,7 +91,7 @@ eslint-sast:
 flawfinder-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/flawfinder:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/flawfinder:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -101,7 +101,7 @@ flawfinder-sast:
 gosec-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/gosec:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/gosec:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -111,7 +111,7 @@ gosec-sast:
 nodejs-scan-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/nodejs-scan:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/nodejs-scan:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -121,7 +121,7 @@ nodejs-scan-sast:
 phpcs-security-audit-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/phpcs-security-audit:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/phpcs-security-audit:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -131,7 +131,7 @@ phpcs-security-audit-sast:
 pmd-apex-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/pmd-apex:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/pmd-apex:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -141,7 +141,7 @@ pmd-apex-sast:
 secrets-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/secrets:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/secrets:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -150,7 +150,7 @@ secrets-sast:
 security-code-scan-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/security-code-scan:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/security-code-scan:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -160,7 +160,7 @@ security-code-scan-sast:
 sobelow-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/sobelow:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/sobelow:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -170,7 +170,7 @@ sobelow-sast:
 spotbugs-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/spotbugs:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/spotbugs:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&
@@ -180,7 +180,7 @@ spotbugs-sast:
 tslint-sast:
  extends: .analyzer
  image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/tslint:$SAST_MAJOR_VERSION"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/tslint:$SAST_ANALYZER_IMAGE_TAG"
  only:
    variables:
      - $GITLAB_FEATURES =~ /\bsast\b/ &&