Update SAST AutoDevops jobupdate-secure-jobs-drop-dind

Drop Docker-in-Docker execution as it's no longer required

2 files changed, 8 insertions, 8 deletions

diff --git a/changelogs/unreleased/update-secure-jobs-drop-dind.yml b/changelogs/unreleased/update-secure-jobs-drop-dind.yml
new file mode 100644
index 00000000000..a9ca532be27
--- /dev/null
+++ b/changelogs/unreleased/update-secure-jobs-drop-dind.yml
@@ -0,0 +1,5 @@
+---
+title: Update SAST Autodevops template - drop DIND requirement
+merge_request:
+author:
+type: performance
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
index de4288fb532..11006b1e86a 100644
--- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
@@ -156,12 +156,10 @@ performance:
 
 sast:
   stage: test
-  image: docker:stable
+  image:
+    name: "registry.gitlab.com/gitlab-org/security-products/sast:$CI_SERVER_VERSION_MAJOR-$CI_SERVER_VERSION_MINOR-stable"
   allow_failure: true
-  services:
-    - docker:stable-dind
   script:
-    - setup_docker
     - sast
   artifacts:
     reports:
@@ -539,10 +537,7 @@ rollout 100%:
           echo "WARNING: CONFIDENCE_LEVEL is deprecated and MUST be replaced with SAST_CONFIDENCE_LEVEL"
         fi
 
-        docker run --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}" \
-                   --volume "$PWD:/code" \
-                   --volume /var/run/docker.sock:/var/run/docker.sock \
-                   "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+        /app/bin/run .
         ;;
       *)
         echo "GitLab EE is required"