diff options
| author | Fabien Catteau <fcatteau@gitlab.com> | 2019-05-03 09:03:44 +0000 |
|---|---|---|
| committer | Bob Van Landuyt <bob@gitlab.com> | 2019-05-03 09:03:44 +0000 |
| commit | 447c40d58d63b9d10162100973884cb97e79f85d (patch) | |
| tree | 5bbbc986c066159e4da681b58acc0e790fa07b20 | |
| parent | 6daf4d352e5c21187ece57f97a6e5548b178a35a (diff) | |
| download | gitlab-ce-447c40d58d63b9d10162100973884cb97e79f85d.tar.gz | |
Propagate excluded paths to SAST & DS jobs
Propagate DS_EXCLUDED_PATHS to dependency_scanning job,
and SAST_EXCLUDED_PATHS and SAST_BANDIT_EXCLUDED_PATHS to sast job.
This makes possible to excluded certains paths from SAST reports
and Dependency Scanning reports, respectively.
| -rw-r--r-- | lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml | 1 | ||||
| -rw-r--r-- | lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml | 2 |
2 files changed, 3 insertions, 0 deletions
diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml index 263221329ab..8dd9775c583 100644 --- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml @@ -35,6 +35,7 @@ dependency_scanning: DS_ANALYZER_IMAGE_PREFIX \ DS_ANALYZER_IMAGE_TAG \ DS_DEFAULT_ANALYZERS \ + DS_EXCLUDED_PATHS \ DEP_SCAN_DISABLE_REMOTE_CHECKS \ DS_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \ DS_PULL_ANALYZER_IMAGE_TIMEOUT \ diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml index f0152cd4537..706692e063b 100644 --- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml @@ -35,6 +35,8 @@ sast: SAST_ANALYZER_IMAGE_PREFIX \ SAST_ANALYZER_IMAGE_TAG \ SAST_DEFAULT_ANALYZERS \ + SAST_EXCLUDED_PATHS \ + SAST_BANDIT_EXCLUDED_PATHS \ SAST_BRAKEMAN_LEVEL \ SAST_GOSEC_LEVEL \ SAST_FLAWFINDER_LEVEL \ |