From fe3758e94993e2494ec9267ecf90fc2b164b5452 Mon Sep 17 00:00:00 2001 From: Ahmed Hemdan Date: Tue, 27 Jun 2023 19:08:38 +0200 Subject: [PATCH 1/4] Update README.md on how to disable sast jobs --- README.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 79f77b8..e6c74f2 100644 --- a/README.md +++ b/README.md @@ -17,14 +17,20 @@ include: where `` is the latest released tag or `main`. -If you want to leverage the `$SAST_DISABLED` variable to define or not the jobs conditionally use `include:rules`. -Otherwise all SAST jobs will always run when applicable: +If you want to leverage the `$SAST_DISABLED` variable to run the jobs conditionally use `include:rules` with `when: never`. Otherwise all SAST jobs will always run when applicable: ```yaml include: - component: gitlab.com/gitlab-components/sast@main rules: - - if: $SAST_DISABLED != "true" + - if: $SAST_DISABLED == "true" || $SAST_DISABLED == "1" +``` + +This assumes `SAST_DISABLED` variable is already defined in `.gitlab-ci.yml` with either `'true'` or `'1'` as the value: + +```yaml +variables: + SAST_DISABLED: 'true' ``` ### Inputs From 551d5fb89b27526e6b626b23ded50c2eb861a160 Mon Sep 17 00:00:00 2001 From: Ahmed Hemdan Date: Tue, 4 Jul 2023 20:47:53 +0200 Subject: [PATCH 2/4] Apply review feedback --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e6c74f2..042ed58 100644 --- a/README.md +++ b/README.md @@ -17,15 +17,18 @@ include: where `` is the latest released tag or `main`. -If you want to leverage the `$SAST_DISABLED` variable to run the jobs conditionally use `include:rules` with `when: never`. Otherwise all SAST jobs will always run when applicable: +If you are converting the configuration to use components and want to leverage the existing variable `$SAST_DISABLED` you could conditionally include the component using the variable: ```yaml include: - component: gitlab.com/gitlab-components/sast@main rules: - if: $SAST_DISABLED == "true" || $SAST_DISABLED == "1" + when: never ``` +Otherwise all SAST jobs will always run when applicable. + This assumes `SAST_DISABLED` variable is already defined in `.gitlab-ci.yml` with either `'true'` or `'1'` as the value: ```yaml From c6a0ab358f6bc5b1c89860f2d306aceca59f5093 Mon Sep 17 00:00:00 2001 From: Fabio Pitino Date: Wed, 5 Jul 2023 07:44:47 +0000 Subject: [PATCH 3/4] Apply 1 suggestion(s) to 1 file(s) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 042ed58..3ccdc5a 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ include: - component: gitlab.com/gitlab-components/sast@main rules: - if: $SAST_DISABLED == "true" || $SAST_DISABLED == "1" - when: never + when: never ``` Otherwise all SAST jobs will always run when applicable. From b0bca34ba81307aaab961e1887fe3b6965d8fd93 Mon Sep 17 00:00:00 2001 From: Ahmed Hemdan Date: Wed, 5 Jul 2023 13:03:16 +0200 Subject: [PATCH 4/4] Apply more feedback --- README.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/README.md b/README.md index 3ccdc5a..a0b9ae8 100644 --- a/README.md +++ b/README.md @@ -29,12 +29,7 @@ include: Otherwise all SAST jobs will always run when applicable. -This assumes `SAST_DISABLED` variable is already defined in `.gitlab-ci.yml` with either `'true'` or `'1'` as the value: - -```yaml -variables: - SAST_DISABLED: 'true' -``` +This assumes `SAST_DISABLED` variable is already defined in `.gitlab-ci.yml` with either `'true'` or `'1'` as the value. ### Inputs