vor/sast
1
0
Fork 0
mirror of https://gitlab.com/components/sast.git synced 2025-06-30 07:28:29 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
Static Application Security Testing (SAST) checks your source code for known vulnerabilities.
8 commits 5 branches 11 tags 205 KiB
Find a file
Fabio Pitino a2e96cb379 Replace var to run kubesec-sast job with input
2023-05-03 10:47:29 +01:00
README.md Replace var to run kubesec-sast job with input 2023-05-03 10:47:29 +01:00
template.yml Replace var to run kubesec-sast job with input 2023-05-03 10:47:29 +01:00

README.md

SAST (Static Application Security Testing)

Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/sast/

Configure SAST with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html). List of available variables: https://docs.gitlab.com/ee/user/application_security/sast/index.html#available-cicd-variables

Usage

You should add this component to an existing .gitlab-ci.yml file by using the include: keyword.

include:
  - component: gitlab.com/gitlab-components/sastg@<VERSION>

where <VERSION> is the latest released tag or main.

Inputs

Input Default value Description
stage test The stage where you want the job to be added
image_prefix $CI_TEMPLATE_REGISTRY_HOST/security-products Define where all Docker image are pulled from
image_suffix "" Used by semgrep-sast job only
excluded_analyzers "" Comma separated list of analyzers that should not run
run_kubesec_sast "false" Set it to "true" to run kubesec-sast job