
SAST IDE Integration

Project ID: 57980530
  • Jason Leasure authored
    Document changelock periods and their impact on deployments
    
    See merge request !42
    
    Merged-by: Jason Leasure <jleasure@gitlab.com>
    Approved-by: Jason Leasure <jleasure@gitlab.com>
    Co-authored-by: Julian Thome <jthome@gitlab.com>
    aaa0ffba

    SAST IDE integration

    This project brings together the components of GitLab's "SAST in the IDE" solution for the purposes of development, benchmarking, and deployment.

    Components

    Setup

    Note: The development scripts are currently zsh scripts.

    Run

    ./scripts/setup.sh

    The setup script:

    1. uses asdf or mise to install go, python, and ruby. If a plugin is missing, a prompt will ask to install it.
    2. checks out submodules.
    3. creates a Python virtual environment and installs semgrep with pip.
    4. runs asdf install (or mise install) and npm ci in the gitlab-lsp and gitlab-vscode-extension submodules.
    5. uses go to install the Git hook manager lefthook, and sets it up.

    This covers the prerequisites of each component:

    • The sast-scanner-service is written in Go but relies on semgrep, which is distributed via Python.
    • The sast-rules project's distribution of semgrep rules is built with a Ruby script.
    • Both the gitlab-lsp and gitlab-vscode-extension projects manage their requirements in .tool-versions files.
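
The last bullet says gitlab-lsp and gitlab-vscode-extension each declare their toolchain in a .tool-versions file, which step 4 installs from. As an added example (not part of this project's scripts), the function below audits such files for entries that do not name one exact release and for the same tool pinned differently across components. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the project's scripts.
# Audits asdf/mise .tool-versions files (format: "<tool> <version> [fallbacks...]").

# audit_tool_versions FILE...
# Prints one finding per line; returns 1 if anything was found, 0 if all pins are clean.
audit_tool_versions() {
  awk '
    { sub(/#.*/, "") }                       # drop comments
    NF == 0 { next }                         # skip blank lines
    NF == 1 { print FILENAME ": " $1 ": no version given"; bad = 1; next }
    {
      tool = $1; v = $2                      # $3 onward are fallback versions
      # Heuristic (assumption): these specifiers do not name one exact release.
      if (v == "system" || v == "latest" || v ~ /^latest:/ ||
          v ~ /^(path|ref):/ || v ~ /^[0-9]+$/) {
        print FILENAME ": " tool " " v ": not an exact release version"; bad = 1
      }
      # Remember the first pin seen for each tool and compare later files to it.
      if (!(tool in seen)) { seen[tool] = v; where[tool] = FILENAME }
      else if (seen[tool] != v) {
        print FILENAME ": " tool " " v ": conflicts with " seen[tool] " in " where[tool]
        bad = 1
      }
    }
    END { exit bad + 0 }
  ' "$@"
}

# make_sample DIR: writes two constructed .tool-versions files (not the real ones).
make_sample() {
  mkdir -p "$1/gitlab-lsp" "$1/gitlab-vscode-extension"
  printf '# constructed sample\nnodejs 20.11.0\n' > "$1/gitlab-lsp/.tool-versions"
  printf 'nodejs 18.19.0\npython system\n' > "$1/gitlab-vscode-extension/.tool-versions"
}

# Demo run on the constructed sample.
sample_dir=$(mktemp -d)
make_sample "$sample_dir"
audit_tool_versions "$sample_dir"/*/.tool-versions || echo "pins need review"
rm -rf "$sample_dir"
```

A non-zero return can gate a pre-commit hook or CI job so that a floating or conflicting pin is reviewed before the toolchain is installed.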