Custom SAST jobs support
Following #5232 (closed), we could let the users use their own, custom docker images for SAST. For example, some users have issues with the current SAST image, as it requires docker:dind to work correctly. Therefore, they are running directly the new Java Maven image (https://gitlab.com/gitlab-org/gitlab-ee/issues/5232#note_68246830), by naming the job sast.
While this is working fine, it's limiting the options to only one job (Java Maven in this case).
This issue is to allow users to create sast:<custom job name> jobs.
Requirements:
- The job name is a convention, and must start with sast:
- The job must create an artifact named gl-sast-report.json
Tasks:
- Specify the format for gl-sast-report.json
- Update backend to aggregate all artifacts in one report (this is transparent for FrontEnd).
Note: sast:container is going to disappear in %11.0, and the artifact won't match the required name, so it will be ignored silently for SAST.
Edited by Fabien Catteau
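
A pipeline sketch of the convention proposed above, added here as an illustration and not taken from the issue or from GitLab's own templates. The job suffixes, image references and scanner commands are hypothetical placeholders; only the sast: prefix and the gl-sast-report.json artifact name come from the requirements.

```yaml
# Hypothetical .gitlab-ci.yml: two custom SAST jobs in one pipeline.
# Images and commands are placeholders (assumptions), not real tools.
stages:
  - test

# Requirement 1: the job name starts with "sast:".
sast:maven:
  stage: test
  image: registry.example.com/scanners/java-maven:placeholder-tag
  script:
    # Placeholder command; the job must write gl-sast-report.json
    # in the project directory so it can be collected as an artifact.
    - ./run-maven-scanner --output gl-sast-report.json
  artifacts:
    # Requirement 2: the artifact is named exactly gl-sast-report.json.
    paths:
      - gl-sast-report.json

# A second custom job, which the single "sast" job name did not allow.
sast:custom-rules:
  stage: test
  image: registry.example.com/scanners/custom-rules:placeholder-tag
  script:
    - ./run-custom-scanner --output gl-sast-report.json
  artifacts:
    paths:
      - gl-sast-report.json

# Counter-example: the prefix matches, but the artifact name does not,
# so under the proposal this job would be ignored silently for SAST.
sast:misnamed-report:
  stage: test
  image: registry.example.com/scanners/other:placeholder-tag
  script:
    - ./run-other-scanner --output other-report.json
  artifacts:
    paths:
      - other-report.json
```

Artifacts are stored per job, so both jobs can use the same file name without overwriting each other; the backend task listed above is what would merge them into one report.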