diff options
author | Fabio Busatto <fabio@gitlab.com> | 2018-11-19 11:22:19 +0000 |
---|---|---|
committer | Kamil TrzciĆski <ayufan@ayufan.eu> | 2018-11-19 11:22:19 +0000 |
commit | 294d15be3e9497e7b67e1f9131ce9d5c0d68406c (patch) | |
tree | a6186f38ed2a5c9f322afe9f48fa811eab666cd3 /lib | |
parent | 07d10976d2d46067b7ac05e36fb445781a1c6f37 (diff) | |
download | gitlab-ce-294d15be3e9497e7b67e1f9131ce9d5c0d68406c.tar.gz |
Auto DevOps support for Group Security Dashboard
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index 149506ea498..c90976b2040 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -19,6 +19,15 @@ # * review: REVIEW_DISABLED # * stop_review: REVIEW_DISABLED # +# The sast and sast_dashboard jobs are executed to guarantee full compatibility +# with the group security dashboard and the security reports with old runners. +# If you use only runners with version 11.5 or above, you can disable the sast +# job by setting the OLD_REPORTS_DISABLED environment variable. If you use only +# runners with version below 11.5, you can disable the sast_dashboard job by +# setting the NEW_REPORTS_DISABLED environment variable. +# The sast_dashboard job will be removed in the future, when the sast job will +# use the new reports syntax. +# # In order to deploy, you must have a Kubernetes cluster configured either # via a project integration, or via group/project variables. # AUTO_DEVOPS_DOMAIN must also be set as a variable at the group or project @@ -173,6 +182,29 @@ sast: except: variables: - $SAST_DISABLED + - $OLD_REPORTS_DISABLED + +sast_dashboard: + stage: test + image: docker:stable + allow_failure: true + services: + - docker:stable-dind + script: + - setup_docker + - sast + artifacts: + reports: + sast: gl-sast-report.json + only: + refs: + - branches + variables: + - $GITLAB_FEATURES =~ /\bsast\b/ + except: + variables: + - $SAST_DISABLED + - $NEW_REPORTS_DISABLED dependency_scanning: stage: test |