renamed iac-sast file, removed disabled flag. Added more description in readme and adjusted table for SAST and IaC

README.md

@@ -1,9 +1,11 @@
 # SAST (Static Application Security Testing)
 
-Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/sast/
+This project provides componnets for the use of Static Application Security Testing as well as Infrastructure as Code testing. Configuration for either component may be performed through CI/CD Variables (https://docs.gitlab.com/ee/ci/variables/index.html) or via the definition of Inputs (https://docs.gitlab.com/ci/inputs/). 
+
+More information about GitLab SAST is available within GitLab documentation (https://docs.gitlab.com/ee/user/application_security/sast/), along with the available variables (https://docs.gitlab.com/ee/user/application_security/sast/index.html#available-cicd-variables).
+
+More information about GitLab Infrastructure as Code scanning is available within GitLab documentation (https://docs.gitlab.com/user/application_security/iac_scanning/). 
 
-Configure SAST with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html).
-List of available variables: https://docs.gitlab.com/ee/user/application_security/sast/index.html#available-cicd-variables
 
 ## Usage
 
@@ -13,7 +15,7 @@ keyword.
 ```yaml
 include:
   - component: gitlab.com/components/sast/sast@<VERSION> # To include SAST Scanning
-  - component: gitlab.com/components/sast/iac-kics-sast@<VERSION> # To include IaC Scanning
+  - component: gitlab.com/components/sast/iac-sast@<VERSION> # To include IaC Scanning
 ```
 
 where `<VERSION>` is the latest released tag or `main`.
@@ -35,18 +37,18 @@ This assumes `SAST_DISABLED` variable is already defined in `.gitlab-ci.yml` wit
 
 ### Inputs
 
-| Input | Default value | Description |
-| ----- | ------------- | ----------- |
-| `stage` | `test`      | The stage where you want the job to be added |
-| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Define where all Docker image are pulled from |
-| `image_tag` | `4` | Tag of the Docker image to use |
-| `image_suffix` | `""` | Suffix added to image. If set to `-fips`, [`FIPS-enabled` images](https://docs.gitlab.com/ee/user/application_security/sast/#fips-enabled-images) are used for scan. Only used by `semgrep` analyzer |
-| `excluded_analyzers` | `""` | Comma separated list of analyzers that should not run |
-| `excluded_paths` | `"spec, test, tests, tmp"` | Comma separated list of paths to exclude |
-| `search_max_depth` | `4` | Defines how many directory levels the search for programming languages should span |
-| `run_kubesec_sast` | `"false"` | Set it to `"true"` to run `kubesec-sast` job  |
-| `run_advanced_sast` | `false` | Set it to `true` to enable [GitLab Advanced SAST](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html) ]
-| `include_experimental` | `"false"` | Set it to `"true"` to enable [experimental analyzers](https://docs.gitlab.com/ee/user/application_security/sast/#experimental-features) |
+| Input | Default value | Description | SAST | IaC |
+| ----- | ------------- | ----------- | ---- | --- | 
+| `stage` | `test`      | The stage where you want the job to be added | {{< icon name="check-circle" >}} Yes | {{< icon name="check-circle" >}} Yes |
+| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Define where all Docker image are pulled from | {{< icon name="check-circle" >}} Yes | {{< icon name="check-circle" >}} Yes |
+| `image_tag` | `4` | Tag of the Docker image to use | {{< icon name="check-circle" >}} Yes | {{< icon name="check-circle" >}} Yes |
+| `image_suffix` | `""` | Suffix added to image. If set to `-fips`, [`FIPS-enabled` images](https://docs.gitlab.com/ee/user/application_security/sast/#fips-enabled-images) are used for scan. Only used by `semgrep` analyzer | {{< icon name="check-circle" >}} Yes | {{< icon name="check-circle" >}} Yes, no FIPS support for IaC |
+| `excluded_analyzers` | `""` | Comma separated list of analyzers that should not run | {{< icon name="check-circle" >}} Yes | {{< icon name="dotted-circle" >}} No |
+| `excluded_paths` | `"spec, test, tests, tmp"` | Comma separated list of paths to exclude | {{< icon name="check-circle" >}} Yes | {{< icon name="check-circle" >}} Yes |
+| `search_max_depth` | `4` | Defines how many directory levels the search for programming languages should span | {{< icon name="check-circle" >}} Yes | {{< icon name="check-circle" >}} Yes |
+| `run_kubesec_sast` | `"false"` | Set it to `"true"` to run `kubesec-sast` job  | {{< icon name="check-circle" >}} Yes | {{< icon name="dotted-circle" >}} No |
+| `run_advanced_sast` | `false` | Set it to `true` to enable [GitLab Advanced SAST](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html) | {{< icon name="check-circle" >}} Yes | {{< icon name="dotted-circle" >}} No |
+| `include_experimental` | `"false"` | Set it to `"true"` to enable [experimental analyzers](https://docs.gitlab.com/ee/user/application_security/sast/#experimental-features) | {{< icon name="check-circle" >}} Yes | {{< icon name="dotted-circle" >}} No |
 
 ## Contribute
 

templates/iac-sast.yml

@@ -33,8 +33,6 @@ kics-iac-sast:
       sast: gl-sast-report.json
   allow_failure: true
   rules:
-    - if: $SAST_DISABLED == 'true' || $SAST_DISABLED == '1'
-      when: never
     - if: $[[ inputs.excluded_analyzers ]] =~ /kics/
       when: never
     - if: $CI_COMMIT_BRANCH