Pin Static Analysis analyzers and tools to the minor version
As noted in the epic to which this issue belongs, we should pin Static Analysis analyzers and tools to their minor versions. Details and discussion points can be found in the epic.
Tasks:
-
update the vendored templates https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security to use the new major.minor
image tag instead ofmajor
-
SAST.gitlab-ci.yml
-
Secret-Detection.gitlab-ci.yml
-
deprecate SAST_ANALYZER_IMAGE_TAG
-
-
update the release process documentation to add a step to update the vendored template when releasing a tool or an analyzer -
update the CI config for SAST, DS, CS, and LM -
build the major.minor
docker image tag along withmajor.minor.patch
andmajor
ones. -
stop releasing x-y-stable
Docker tags for tag builds
-
Release notes
Draft release notes
Edited by Taylor McCaslin