From 8d92eb5224ac261100a7ed33424992706da17050 Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 7 Oct 2020 15:48:38 -0600 Subject: Disable SAST scanner in downstream pipeline * chore: Specify sast default analyzers to blank * chore: Clear list of DS analyzers * chore: Remove /license-finder hack * chore: Configure artifact settings --- .gitlab-ci.yml | 4 ++-- .gitlab/deb.yml | 4 ++++ .gitlab/test.yml | 3 ++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d2bb8c4..63b9cb3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,7 +4,7 @@ variables: DOCKER_DRIVER: overlay2 GIT_DEPTH: "2" GIT_STRATEGY: fetch - TMP_IMAGE: $CI_REGISTRY_IMAGE/license-finder:$CI_COMMIT_SHA + TMP_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA include: - template: Container-Scanning.gitlab-ci.yml @@ -35,7 +35,7 @@ default: container_scanning: variables: - CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE/license-finder # only predefined variables are parameter-expanded (no $TMP_IMAGE) + CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE # only predefined variables are parameter-expanded (no $TMP_IMAGE) needs: ['build-docker-image'] code_quality: diff --git a/.gitlab/deb.yml b/.gitlab/deb.yml index 190b6af..c4c152a 100644 --- a/.gitlab/deb.yml +++ b/.gitlab/deb.yml @@ -5,10 +5,14 @@ - bin/omnibus setup - bin/omnibus build $OMNIBUS_PROJECT artifacts: + name: "$CI_JOB_NAME" expire_in: 1 day paths: - pkg/ + exclude: + - pkg/*.json expire_in: 1 day + when: on_success cache: key: ${CI_JOB_NAME} paths: diff --git a/.gitlab/test.yml b/.gitlab/test.yml index 2a5c7e3..1940d57 100644 --- a/.gitlab/test.yml +++ b/.gitlab/test.yml @@ -130,9 +130,10 @@ integration-rust: CONTAINER_SCANNING_DISABLED: 'true' DAST_DISABLED: 'true' DEPENDENCY_SCANNING_DISABLED: 'true' + DS_DEFAULT_ANALYZERS: '' LICENSE_MANAGEMENT_VERSION: $CI_COMMIT_SHA + SAST_DEFAULT_ANALYZERS: '' SAST_DISABLED: 'true' - SECURE_ANALYZERS_PREFIX: $CI_REGISTRY_IMAGE rules: - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH when: always -- cgit v1.2.3