authorBob Van Landuyt <bob@gitlab.com>2019-06-13 10:37:07 +0000
committerBob Van Landuyt <bob@gitlab.com>2019-06-13 10:37:07 +0000
commit4eb63d82d923bf884a1758536b2b8930bb9896b0 (patch)
treefccb43d096bbd69e7a36fcd5df9829d5c0631b98
parent182104422ba9752fd3a7117d6189815ba0cdbfbb (diff)
parentc1e4cd71511fa5e2868b4ea96737adfdb523ae81 (diff)
downloadgitlab-ce-4eb63d82d923bf884a1758536b2b8930bb9896b0.tar.gz
Merge branch 'add-missing-env-vars-to-sast-docker' into 'master'
Bring propagated SAST ENV vars into parity with docs See merge request gitlab-org/gitlab-ce!29564
-rw-r--r--changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml5
-rw-r--r--lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml16
2 files changed, 18 insertions, 3 deletions
diff --git a/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml b/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml
new file mode 100644
index 00000000000..112b472aa3b
--- /dev/null
+++ b/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml
@@ -0,0 +1,5 @@
+---
+title: 'Fix: propagate all documented ENV vars to CI when using SAST'
+merge_request: 29564
+author:
+type: fixed
diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
index abf16e5b2e7..8713b833011 100644
--- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
@@ -31,19 +31,29 @@ sast:
- |
docker run \
$(propagate_env_vars \
+ SAST_BANDIT_EXCLUDED_PATHS \
SAST_ANALYZER_IMAGES \
SAST_ANALYZER_IMAGE_PREFIX \
SAST_ANALYZER_IMAGE_TAG \
SAST_DEFAULT_ANALYZERS \
- SAST_EXCLUDED_PATHS \
- SAST_BANDIT_EXCLUDED_PATHS \
+ SAST_PULL_ANALYZER_IMAGES \
SAST_BRAKEMAN_LEVEL \
- SAST_GOSEC_LEVEL \
SAST_FLAWFINDER_LEVEL \
SAST_GITLEAKS_ENTROPY_LEVEL \
+ SAST_GOSEC_LEVEL \
+ SAST_EXCLUDED_PATHS \
SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \
SAST_PULL_ANALYZER_IMAGE_TIMEOUT \
SAST_RUN_ANALYZER_TIMEOUT \
+ ANT_HOME \
+ ANT_PATH \
+ GRADLE_PATH \
+ JAVA_OPTS \
+ JAVA_PATH \
+ MAVEN_CLI_OPTS \
+ MAVEN_PATH \
+ MAVEN_REPO_PATH \
+ SBT_PATH \
) \
--volume "$PWD:/code" \
--volume /var/run/docker.sock:/var/run/docker.sock \
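Review bot: `JAVA_OPTS` and `MAVEN_CLI_OPTS`, newly added to the `propagate_env_vars` list, are free-form option strings that commonly contain spaces, and the helper's output is expanded unquoted through `$(...)` on the `docker run` line. That is only safe if `propagate_env_vars` emits variable names (for example `--env NAME`) and never `NAME=value`; its definition, like the start of the `sast` job, is outside this hunk, so this should be confirmed. These values can also hold repository credentials or JVM flags that change what the build tools load, and they now reach a container that has `/var/run/docker.sock` mounted. I would document that with a YAML comment above the `- |` script entry, since a comment inside the backslash-continued command would break it: `# Build-tool variables are forwarded by name only; their values may contain secrets, so define them as protected CI variables.`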