Fix

templates/iac-sast-fix.yml

@@ -1,38 +0,0 @@
-# Component created based on GitLab's IAC SAST Scanning template
-# Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/iac_scanning/
-
-spec:
-    inputs:
-        stage:
-            default: test
-        excluded_paths:
-            default: "spec, test, tests, tmp"
-        excluded_analyzers:
-            default: ""
-        image_prefix:
-            default: "$CI_TEMPLATE_REGISTRY_HOST/security-products"
-        image_suffix:
-            default: ""
-        search_max_depth:
-            default: 4
-        image_tag:
-            default: 6
-
----
-kics-iac-sast:
-  stage: $[[ inputs.stage ]]
-  image:
-    name: "$[[ inputs.image_prefix ]]/kics:$[[ inputs.image_tag ]]$[[ inputs.image_suffix ]]"
-  variables:
-    SEARCH_MAX_DEPTH: $[[ inputs.search_max_depth ]]
-  script:
-    - /analyzer run
-  artifacts:
-    access: 'developer'
-    reports:
-      sast: gl-sast-report.json
-  allow_failure: true
-  rules:
-    - if: '"$[[ inputs.excluded_analyzers ]]" =~ /kics/'
-      when: never
-    - if: $CI_COMMIT_BRANCH

templates/iac-sast.yml

@@ -33,6 +33,6 @@ kics-iac-sast:
       sast: gl-sast-report.json
   allow_failure: true
   rules:
-    - if: $[[ inputs.excluded_analyzers ]] =~ /kics/
+    - if: '"$[[ inputs.excluded_analyzers ]]" =~ /kics/'
       when: never
     - if: $CI_COMMIT_BRANCH