mirror of
https://gitlab.com/components/sast.git
synced 2025-06-30 07:28:29 +02:00
Replace var to run kubesec-sast job with input
This commit is contained in:
Fabio Pitino
parent
8956444fcb
commit
a2e96cb379
2 changed files with 4 additions and 2 deletions
|
|
@ -25,3 +25,4 @@ where `<VERSION>` is the latest released tag or `main`.
|
|||
| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Define where all Docker image are pulled from |
|
||||
| `image_suffix` | `""` | Used by `semgrep-sast` job only |
|
||||
| `excluded_analyzers` | `""` | Comma separated list of analyzers that should not run |
|
||||
| `run_kubesec_sast` | `"false"` | Set it to `"true"` to run `kubesec-sast` job |
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ spec:
|
|||
default: ""
|
||||
excluded_analyzers:
|
||||
default: ""
|
||||
run_kubesec_sast:
|
||||
default: 'false'
|
||||
|
||||
---
|
||||
.sast-analyzer:
|
||||
|
|
@ -75,8 +77,7 @@ kubesec-sast:
|
|||
when: never
|
||||
- if: '"$[[ inputs.excluded_analyzers ]]" =~ /kubesec/'
|
||||
when: never
|
||||
- if: $CI_COMMIT_BRANCH &&
|
||||
$SCAN_KUBERNETES_MANIFESTS == 'true'
|
||||
- if: '$CI_COMMIT_BRANCH && "$[[ inputs.run_kubesec_sast ]]" == "true"'
|
||||
|
||||
.mobsf-sast:
|
||||
extends: .sast-analyzer
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue