Commit 4d3e3832 authored by Vladimir Shushlin's avatar Vladimir Shushlin 👆

Merge branch 'dcouture-advanced-sast' into 'master'

Add GitLab Advanced SAST to CI/CD config

See merge request !181



Merged-by: Vladimir Shushlin's avatarVladimir Shushlin <vshushlin@gitlab.com>
Approved-by: default avatarPedro Pombeiro <noreply@pedro.pombei.ro>
Approved-by: Vladimir Shushlin's avatarVladimir Shushlin <vshushlin@gitlab.com>
Reviewed-by: default avatarPedro Pombeiro <noreply@pedro.pombei.ro>
Co-authored-by: default avatarDominic Couture <dcouture@gitlab.com>
parents c9e9bafc bc422b64
+7 −0
@@ -3,6 +3,9 @@ include:
  - template: Dependency-Scanning.gitlab-ci.yml
  - template: Secret-Detection.gitlab-ci.yml

variables:
  GITLAB_ADVANCED_SAST_ENABLED: 'true'

# workflow rules are not extended by scanner jobs, need to override them manually
# TODO: remove when https://gitlab.com/gitlab-org/gitlab/-/issues/218444 is done

@@ -28,6 +31,10 @@ secret_detection:
    - if: '$CI_MERGE_REQUEST_IID'
    - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'

gitlab-advanced-sast:
  # using the `extends` keyword doesn't trigger some jobs so we need to use anchors
  <<: *rules-for-scanners

semgrep-sast:
  # using the `extends` keyword doesn't trigger some jobs so we need to use anchors
  <<: *rules-for-scanners
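Review bot: The `<<: *rules-for-scanners` merge on the new `gitlab-advanced-sast` job needs a more specific comment than the one copied from `semgrep-sast`, because of what it switches off. A job-level `rules` key replaces the included template's rules rather than adding to them, so if the anchor carries `rules:` (its definition is outside this hunk) the template's own conditions for this job, presumably including the check on `GITLAB_ADVANCED_SAST_ENABLED` set in the first hunk, no longer apply and only the merge-request and default-branch conditions remain. I would add above the merge key `# replaces the SAST template's rules for this job; its enablement and file-type conditions no longer apply`, and confirm in a pipeline that the job starts and that `semgrep-sast`, which is overridden the same way, does not report the same findings twice.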