[meta] Static Analysis 18.0 deprecations, removals and breaking changes

Problem to solve

Prepare for changes that must be done on the major release of GitLab %18.0.

In scope for 18.0

1. Remove CodeClimate-based Code Quality scanning
   • Deprecation MR: Docs: Deprecate CodeClimate-based quality scanning (!158840 - merged)
   • Removal issue: Deprecation issue: CodeClimate-based Code Quali... (#471677) • Ethan Feller, Chris Widstrom • 19.0
2. Propagate SAST template cache settings
   • Deprecation issue: SAST jobs no longer use global cache settings (#512564 - closed) • Thiago Figueiró • 18.0
   • Removal issue: SAST-Jobs timeout or reports non-existing error... (#440829 - closed) • Philip Cunningham • 18.0 • On track
3. Enable GitLab Advanced SAST by default (&15145)
   • Deprecation issue: Deprecation issue for enabling GitLab Advanced ... (#513685) • Adam Cohen • 17.10
   • Removal issue: Update SAST template to execute GitLab Advanced... (#514659) • Unassigned • 19.0
4. Analyzer version bump
   • Deprecation issue: Secure analyzers major version update for 18.0 (#513417 - closed) • Thiago Figueiró • 17.9
   • Removal issue: SAST CI template changes for 18.0 (#513429 - closed) • Shao Ming Tan • 18.0
5. Remove deprecated jobs from CI template
   • Deprecation MR: Announce removal of End-of-Support SAST CI jobs (!179946 - merged)
   • Removal - reapply this MR: !178389 (merged)

Considered but removed from 18.0 scope

1. Remove SEARCH_IGNORED_DIRS (discussion

   • Deprecation issue: TBC
   • Removal issue: Remove SEARCH_IGNORED_DIRS from the secure comm... (#484850) • Unassigned • Backlog

2. Change behavior of SAST_EXCLUDED_PATHS (discussion)

   • Deprecation issue: TBC
   • Removal issue: TBC

3. Remove kubesec

   • Deprecation issue: Consider deprecating kubesec in favor of kics (#346806) • Unassigned • Backlog
   • Removal issue:

4. Ensure spotbugs integration tests can run on ar... (#492269) • Unassigned This involves changing the spotbugs base image from alpine:3.14 to debian:stble-slim, and would cause failures for any before_scripts that use alpine-specific commands such as apk add.

   • Deprecation issue: TBC
   • Removal issue: TBC