Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d2d607df
Commit
d2d607df
authored
Dec 19, 2019
by
celdem
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Rename template jobs for SAST and DS
parent
f588407e
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
26 additions
and
21 deletions
+26
-21
changelogs/unreleased/fix-conflict-dast-ds.yml
changelogs/unreleased/fix-conflict-dast-ds.yml
+5
-0
lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
...b/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
+6
-6
lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+15
-15
No files found.
changelogs/unreleased/fix-conflict-dast-ds.yml
0 → 100644
View file @
d2d607df
---
title
:
Rename common template jobs in sast and ds
merge_request
:
22084
author
:
type
:
fixed
lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
View file @
d2d607df
...
@@ -72,7 +72,7 @@ dependency_scanning:
...
@@ -72,7 +72,7 @@ dependency_scanning:
-
$DEPENDENCY_SCANNING_DISABLED
-
$DEPENDENCY_SCANNING_DISABLED
-
$DS_DISABLE_DIND == 'true'
-
$DS_DISABLE_DIND == 'true'
.analyzer
:
.
ds-
analyzer
:
extends
:
dependency_scanning
extends
:
dependency_scanning
services
:
[]
services
:
[]
except
:
except
:
...
@@ -82,7 +82,7 @@ dependency_scanning:
...
@@ -82,7 +82,7 @@ dependency_scanning:
-
/analyzer run
-
/analyzer run
gemnasium-dependency_scanning
:
gemnasium-dependency_scanning
:
extends
:
.analyzer
extends
:
.
ds-
analyzer
image
:
image
:
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/gemnasium:$DS_MAJOR_VERSION"
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/gemnasium:$DS_MAJOR_VERSION"
only
:
only
:
...
@@ -92,7 +92,7 @@ gemnasium-dependency_scanning:
...
@@ -92,7 +92,7 @@ gemnasium-dependency_scanning:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby|javascript|php/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby|javascript|php/
gemnasium-maven-dependency_scanning
:
gemnasium-maven-dependency_scanning
:
extends
:
.analyzer
extends
:
.
ds-
analyzer
image
:
image
:
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/gemnasium-maven:$DS_MAJOR_VERSION"
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/gemnasium-maven:$DS_MAJOR_VERSION"
only
:
only
:
...
@@ -102,7 +102,7 @@ gemnasium-maven-dependency_scanning:
...
@@ -102,7 +102,7 @@ gemnasium-maven-dependency_scanning:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\bjava\b/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\bjava\b/
gemnasium-python-dependency_scanning
:
gemnasium-python-dependency_scanning
:
extends
:
.analyzer
extends
:
.
ds-
analyzer
image
:
image
:
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/gemnasium-python:$DS_MAJOR_VERSION"
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/gemnasium-python:$DS_MAJOR_VERSION"
only
:
only
:
...
@@ -112,7 +112,7 @@ gemnasium-python-dependency_scanning:
...
@@ -112,7 +112,7 @@ gemnasium-python-dependency_scanning:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /python/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /python/
bundler-audit-dependency_scanning
:
bundler-audit-dependency_scanning
:
extends
:
.analyzer
extends
:
.
ds-
analyzer
image
:
image
:
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/bundler-audit:$DS_MAJOR_VERSION"
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/bundler-audit:$DS_MAJOR_VERSION"
only
:
only
:
...
@@ -122,7 +122,7 @@ bundler-audit-dependency_scanning:
...
@@ -122,7 +122,7 @@ bundler-audit-dependency_scanning:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby/
retire-js-dependency_scanning
:
retire-js-dependency_scanning
:
extends
:
.analyzer
extends
:
.
ds-
analyzer
image
:
image
:
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/retire.js:$DS_MAJOR_VERSION"
name
:
"
$DS_ANALYZER_IMAGE_PREFIX/retire.js:$DS_MAJOR_VERSION"
only
:
only
:
...
...
lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
View file @
d2d607df
...
@@ -50,7 +50,7 @@ sast:
...
@@ -50,7 +50,7 @@ sast:
-
$SAST_DISABLED
-
$SAST_DISABLED
-
$SAST_DISABLE_DIND == 'true'
-
$SAST_DISABLE_DIND == 'true'
.analyzer
:
.
sast-
analyzer
:
extends
:
sast
extends
:
sast
services
:
[]
services
:
[]
except
:
except
:
...
@@ -60,7 +60,7 @@ sast:
...
@@ -60,7 +60,7 @@ sast:
-
/analyzer run
-
/analyzer run
bandit-sast
:
bandit-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/bandit:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/bandit:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -70,7 +70,7 @@ bandit-sast:
...
@@ -70,7 +70,7 @@ bandit-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /python/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /python/
brakeman-sast
:
brakeman-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/brakeman:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/brakeman:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -80,7 +80,7 @@ brakeman-sast:
...
@@ -80,7 +80,7 @@ brakeman-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby/
eslint-sast
:
eslint-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/eslint:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/eslint:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -90,7 +90,7 @@ eslint-sast:
...
@@ -90,7 +90,7 @@ eslint-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/
flawfinder-sast
:
flawfinder-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/flawfinder:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/flawfinder:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -100,7 +100,7 @@ flawfinder-sast:
...
@@ -100,7 +100,7 @@ flawfinder-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\+\+|c)\b/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\+\+|c)\b/
kubesec-sast
:
kubesec-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/kubesec:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/kubesec:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -110,7 +110,7 @@ kubesec-sast:
...
@@ -110,7 +110,7 @@ kubesec-sast:
$SCAN_KUBERNETES_MANIFESTS == 'true'
$SCAN_KUBERNETES_MANIFESTS == 'true'
gosec-sast
:
gosec-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/gosec:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/gosec:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -120,7 +120,7 @@ gosec-sast:
...
@@ -120,7 +120,7 @@ gosec-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\bgo\b/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\bgo\b/
nodejs-scan-sast
:
nodejs-scan-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/nodejs-scan:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/nodejs-scan:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -130,7 +130,7 @@ nodejs-scan-sast:
...
@@ -130,7 +130,7 @@ nodejs-scan-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/
phpcs-security-audit-sast
:
phpcs-security-audit-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/phpcs-security-audit:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/phpcs-security-audit:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -140,7 +140,7 @@ phpcs-security-audit-sast:
...
@@ -140,7 +140,7 @@ phpcs-security-audit-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /php/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /php/
pmd-apex-sast
:
pmd-apex-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/pmd-apex:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/pmd-apex:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -150,7 +150,7 @@ pmd-apex-sast:
...
@@ -150,7 +150,7 @@ pmd-apex-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /apex/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /apex/
secrets-sast
:
secrets-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/secrets:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/secrets:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -159,7 +159,7 @@ secrets-sast:
...
@@ -159,7 +159,7 @@ secrets-sast:
$SAST_DEFAULT_ANALYZERS =~ /secrets/
$SAST_DEFAULT_ANALYZERS =~ /secrets/
security-code-scan-sast
:
security-code-scan-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/security-code-scan:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/security-code-scan:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -169,7 +169,7 @@ security-code-scan-sast:
...
@@ -169,7 +169,7 @@ security-code-scan-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\#|visual basic\b)/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\#|visual basic\b)/
sobelow-sast
:
sobelow-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/sobelow:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/sobelow:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -179,7 +179,7 @@ sobelow-sast:
...
@@ -179,7 +179,7 @@ sobelow-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /elixir/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /elixir/
spotbugs-sast
:
spotbugs-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/spotbugs:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/spotbugs:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
@@ -189,7 +189,7 @@ spotbugs-sast:
...
@@ -189,7 +189,7 @@ spotbugs-sast:
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /java\b/
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /java\b/
tslint-sast
:
tslint-sast
:
extends
:
.analyzer
extends
:
.
sast-
analyzer
image
:
image
:
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/tslint:$SAST_ANALYZER_IMAGE_TAG"
name
:
"
$SAST_ANALYZER_IMAGE_PREFIX/tslint:$SAST_ANALYZER_IMAGE_TAG"
only
:
only
:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment