Skip to content

Remove secrets-sast from the SAST vendored template

Problem to solve

Now that Secret Detection has it's own vendored template and section within SAST I think the old job should be removed so that folks don't see two secret detection jobs when they include SAST and Secret-Detection in their .gitlab-ci.ymls.

User experience goal

Remove confusion on which secrets-detection job to run. Remove risk of allowing two secret-detection jobs from being kicked off.

Proposal

Remove secrets-sast from the sast vendored template. Remove variable documentation pinned to the old version of secrets (v2) in this SAST documentation page.

Documentation

Remove variable documentation pinned to the old version of secrets (v2) in this SAST documentation page.

Links / references

Issue that prompted this issue here: #215068 (comment 392100978)

Below is a pipeline kicked off from the following .gitlab-ci.yml

include:
  - template: Secret-Detection.gitlab-ci.yml
  - template: SAST.gitlab-ci.yml

Screen_Shot_2020-08-06_at_3.26.51_PM

Edited by Zach Rice