diff --git a/README.md b/README.md index 9743638..c6a0302 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -This project provides componnets for the use of Static Application Security Testing as well as Infrastructure as Code testing. +This project provides components for the use of Static Application Security Testing as well as Infrastructure as Code scanning. [[_TOC_]] @@ -7,9 +7,9 @@ This project provides componnets for the use of Static Application Security Test ### Documentation References -Configuration for SAST can be performed through CI/CD Variables (https://docs.gitlab.com/ee/ci/variables/index.html) or via the definition of Inputs (https://docs.gitlab.com/ci/inputs/). +Configuration for SAST can be performed through [CI/CD Variables](https://docs.gitlab.com/ee/ci/variables/index.html) or via the definition of [Inputs](https://docs.gitlab.com/ci/inputs/). -More information about GitLab SAST is available within GitLab documentation (https://docs.gitlab.com/ee/user/application_security/sast/), along with the available variables (https://docs.gitlab.com/ee/user/application_security/sast/index.html#available-cicd-variables). +More information about GitLab SAST is available within [GitLab documentation](https://docs.gitlab.com/ee/user/application_security/sast/), along with the [available variables](https://docs.gitlab.com/ee/user/application_security/sast/index.html#available-cicd-variables). ### Usage @@ -18,7 +18,7 @@ keyword. ```yaml include: - - component: gitlab.com/components/sast/sast@ # To include SAST Scanning + - component: gitlab.com/components/sast/sast@ ``` where `` is the latest released tag or `main`. 
@@ -57,9 +57,9 @@ This assumes `SAST_DISABLED` variable is already defined in `.gitlab-ci.yml` wit ### Documentation References -Configuration for IaC scanning can be performed through CI/CD Variables (https://docs.gitlab.com/ee/ci/variables/index.html) or via the definition of Inputs (https://docs.gitlab.com/ci/inputs/). +Configuration for IaC scanning can be performed through [CI/CD Variables](https://docs.gitlab.com/ee/ci/variables/index.html) or via the definition of [Inputs](https://docs.gitlab.com/ci/inputs/). -More information about GitLab Infrastructure as Code scanning is available within GitLab documentation (https://docs.gitlab.com/user/application_security/iac_scanning/). +More information about GitLab Infrastructure as Code scanning is available within [GitLab documentation](https://docs.gitlab.com/user/application_security/iac_scanning/). ### Usage @@ -68,7 +68,7 @@ keyword. ```yaml include: - - component: gitlab.com/components/sast/kics-iac-sast@ # To include IaC Scanning + - component: gitlab.com/components/sast/iac-sast@ ``` where `` is the latest released tag or `main`. @@ -79,13 +79,11 @@ where `` is the latest released tag or `main`. | ----- | ------------- | ----------- | | `stage` | `test` | The stage where you want the job to be added | | `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Define where all Docker image are pulled from | -| `image_tag` | `4` | Tag of the Docker image to use | +| `image_tag` | `6` | Tag of the Docker image to use | | `image_suffix` | `""` | Suffix added to image. | | `excluded_paths` | `"spec, test, tests, tmp"` | Comma separated list of paths to exclude | | `search_max_depth` | `4` | Defines how many directory levels the search for programming languages should span | - - ## Contribute Please read about CI/CD components and best practices at: https://docs.gitlab.com/ee/ci/components
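Review bot: In the SAST Documentation References hunk (@@ -7,9), the new Markdown links keep the old mix of URL forms: CI/CD Variables and the SAST pages use `docs.gitlab.com/ee/...`, while Inputs uses `docs.gitlab.com/ci/inputs/` without `/ee/`. Since every one of these lines is being rewritten anyway, pick one form and use it for all links. The same applies to the IaC references hunk (@@ -57,9), where the variables link has `/ee/` and the IaC documentation link does not. The available-variables link also targets `index.html#available-cicd-variables`, unlike the directory-style SAST link next to it.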
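Review bot: In the IaC Usage hunk (@@ -68,7), the documented include path changes from `gitlab.com/components/sast/kics-iac-sast@` to `gitlab.com/components/sast/iac-sast@` with no mention of the old name, so a reader with an existing `kics-iac-sast` include has no indication of whether it still resolves. Add a line to the README stating whether the old component name remains available or has to be replaced, and make sure the template rename ships in the same change as this text. The unchanged line below it still offers `main` as a ref; for a scanning component it would be worth recommending a released tag first, since `main` moves without notice.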
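Review bot: In the IaC inputs table hunk (@@ -79,13), the documented default for `image_tag` goes from `4` to `6` with nothing in the README explaining the jump. Confirm the component's own input default is changed to `6` in the same merge request so the table does not get ahead of the template, and call the bump out in the release notes, because pipelines that rely on the default will pull a different image. While touching this table, the context row for `image_prefix` reads "all Docker image are pulled from" and could be corrected to "images".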