Document all the available options for SAST
Problem to solve
Our SAST tool supports options to tweak its behavior. We support some of those as part of our common library. Those options sometimes don't apply to a specific analyzer.
The documentation needs to be organized to provide a single point of contact where everything is clearly accessible.
Current documentation: https://gitlab.com/gitlab-org/security-products/sast
We need to improve our documentation and provide any supported option (normally via environment variable), and the list of analyzers where this option is supported or not.
If we have "experimental" options that are not supported, we should document them as well, with a clear statement that they are experimental/unsupported, and may change in the future. This will allow customers to be aware of the case and to take proper actions.
This is an example we need to cover in the first iteration: #10030 (comment 146169844).
Who can address the issue
- Prioritize doc changes as part of &866
- Check and provide the matrix of supported options.
- Test that those options are working (first iteration)
- Set up automated tests to constantly check those options (second iteration)
- Check that user journeys go flawlessly from problem to solution, through documentation
- Tech Writers
  - Help in organizing info so that users can find it and consume it easily