author | Bob Van Landuyt <bob@gitlab.com> | 2019-06-13 10:37:07 +0000 |
---|---|---|
committer | Bob Van Landuyt <bob@gitlab.com> | 2019-06-13 10:37:07 +0000 |
commit | 4eb63d82d923bf884a1758536b2b8930bb9896b0 (patch) | |
tree | fccb43d096bbd69e7a36fcd5df9829d5c0631b98 | |
parent | 182104422ba9752fd3a7117d6189815ba0cdbfbb (diff) | |
parent | c1e4cd71511fa5e2868b4ea96737adfdb523ae81 (diff) | |
download | gitlab-ce-4eb63d82d923bf884a1758536b2b8930bb9896b0.tar.gz |
Merge branch 'add-missing-env-vars-to-sast-docker' into 'master'
Bring propagated SAST ENV vars into parity with docs
See merge request gitlab-org/gitlab-ce!29564
-rw-r--r-- | changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml | 5 | ||||
-rw-r--r-- | lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml | 16 |
2 files changed, 18 insertions, 3 deletions
diff --git a/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml b/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml
new file mode 100644
index 00000000000..112b472aa3b
--- /dev/null
+++ b/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml
@@ -0,0 +1,5 @@
+---
+title: 'Fix: propagate all documented ENV vars to CI when using SAST'
+merge_request: 29564
+author:
+type: fixed
diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
index abf16e5b2e7..8713b833011 100644
--- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
@@ -31,19 +31,29 @@ sast:
 - |
 docker run \
 $(propagate_env_vars \
+ SAST_BANDIT_EXCLUDED_PATHS \
 SAST_ANALYZER_IMAGES \
 SAST_ANALYZER_IMAGE_PREFIX \
 SAST_ANALYZER_IMAGE_TAG \
 SAST_DEFAULT_ANALYZERS \
- SAST_EXCLUDED_PATHS \
- SAST_BANDIT_EXCLUDED_PATHS \
+ SAST_PULL_ANALYZER_IMAGES \
 SAST_BRAKEMAN_LEVEL \
- SAST_GOSEC_LEVEL \
 SAST_FLAWFINDER_LEVEL \
 SAST_GITLEAKS_ENTROPY_LEVEL \
+ SAST_GOSEC_LEVEL \
+ SAST_EXCLUDED_PATHS \
 SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \
 SAST_PULL_ANALYZER_IMAGE_TIMEOUT \
 SAST_RUN_ANALYZER_TIMEOUT \
+ ANT_HOME \
+ ANT_PATH \
+ GRADLE_PATH \
+ JAVA_OPTS \
+ JAVA_PATH \
+ MAVEN_CLI_OPTS \
+ MAVEN_PATH \
+ MAVEN_REPO_PATH \
+ SBT_PATH \
 ) \
 --volume "$PWD:/code" \
 --volume /var/run/docker.sock:/var/run/docker.sock \
|
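Review bot: The newly forwarded `JAVA_OPTS` and `MAVEN_CLI_OPTS` are free-form, usually multi-word option strings, and the `$(propagate_env_vars …)` substitution inside `docker run` is unquoted, so the SAST.gitlab-ci.yml hunk is only safe if the helper prints `--env NAME` by name and never `--env NAME=value`. The helper is defined outside this hunk, so that cannot be confirmed here; if it expanded values, they would be word-split into stray `docker run` arguments and would also be visible in the process list. These variables may carry repository credentials or proxy settings, and they now reach an analyzer container that has `/var/run/docker.sock` mounted, so a YAML comment above the `- |` script entry such as `# Names only: values are read from the job environment; keep this list in sync with the SAST docs` would make the contract explicit. The `sast` job's script starts before and continues past the hunk.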