mirror of
https://gitlab.com/components/sast.git
synced 2025-06-30 15:38:29 +02:00
28 lines
1.1 KiB
Markdown
28 lines
1.1 KiB
Markdown
## SAST (Static Application Security Testing)
|
|
|
|
Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/sast/
|
|
|
|
Configure SAST with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html).
|
|
List of available variables: https://docs.gitlab.com/ee/user/application_security/sast/index.html#available-cicd-variables
|
|
|
|
## Usage
|
|
|
|
You should add this component to an existing `.gitlab-ci.yml` file by using the `include:`
|
|
keyword.
|
|
|
|
```yaml
|
|
include:
|
|
- component: gitlab.com/gitlab-components/sastg@<VERSION>
|
|
```
|
|
|
|
where `<VERSION>` is the latest released tag or `main`.
|
|
|
|
### Inputs
|
|
|
|
| Input | Default value | Description |
|
|
| ----- | ------------- | ----------- |
|
|
| `stage` | `test` | The stage where you want the job to be added |
|
|
| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Define where all Docker image are pulled from |
|
|
| `image_suffix` | `""` | Used by `semgrep-sast` job only |
|
|
| `excluded_analyzers` | `""` | Comma separated list of analyzers that should not run |
|
|
| `run_kubesec_sast` | `"false"` | Set it to `"true"` to run `kubesec-sast` job |
|