Ignore gosec and brakeman analyzers

feistel requested to merge feistel/gitlab-pages:ci/remove-gosec-brakeman into master

What does this MR do?

According to https://docs.gitlab.com/ee/update/deprecations#sast-analyzer-consolidation-and-cicd-template-changes and https://gitlab.com/gitlab-org/security-products/analyzers/gosec, the Gosec analyzer has been deprecated and should not be used.
The replacement seems to be the semgrep analyzer, which is already being used by Pages because we're including the SAST template from the main GitLab repository.

Pages does not use Ruby but needs a Gemfile because of dangerbot; as such, the rules for the brakeman analyzer are triggered and a job is added to the pipeline.

This MR adds gosec and brakeman to the list of excluded analyzers.

This is part of an effort to reduce CI minutes consumption in GitLab products in response to the recent change in CI/CD minutes usage for contributors.

TODO

Edited by Vladimir Shushlin
