Use scanner instead of analyzer for scan.scanner
What does this MR do?
This MR switches the scan.scanner
details to use the scanner information instead of the analyzer information. See Security report provide Scanner version, not Analyzer version for details.
"scan": {
"scanner": {
"id": "gitleaks",
"name": "Gitleaks",
"url": "https://github.com/zricethezav/gitleaks",
"vendor": {
"name": "GitLab"
},
"version": "5.0.1"
},
"type": "secret_detection"
}
What are the relevant issue numbers?
gitlab-org/gitlab#202053 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Merge request reports
Activity
changed milestone to %13.3
assigned to @fcatteau
- Resolved by Adam Cohen
- Resolved by Adam Cohen
- Resolved by Adam Cohen
- Resolved by Adam Cohen
unassigned @fcatteau
mentioned in issue gitlab-org/gitlab#202053 (closed)
mentioned in issue gitlab-org/gitlab#235059 (closed)
unassigned @gonzoyumo
- Resolved by Adam Cohen
@adamcohen I've approved from the groupstatic analysis perspective and reassigned to you as there are a few unresolved threads. Feel free to merge and reassign to me if you'd like me to release a new version
assigned to @adamcohen
added 9 commits
Toggle commit listassigned to @dsearles and unassigned @adamcohen
assigned to @adamcohen and unassigned @dsearles
- Resolved by Adam Cohen
@theoretick @dsearles @zrice it looks like the qa test is failing because the secret_detection job is using the Docker image built against master (
registry.gitlab.com/gitlab-org/security-products/analyzers/secrets:3
) instead of the one created by thebuild tmp image
job (registry.gitlab.com/gitlab-org/security-products/analyzers/secrets/tmp:4ba2160ba783dab5fd4343136e2e5979e92a5ed7
).We need to be able to pass the image from the
build tmp image
job to theimage
directive of the Secret-Detection.gitlab-ci.yml template
added 17 commits
-
4ba2160b...a69fcf92 - 10 commits from branch
master
- 07924e57 - Rename scannerinfo to metadata
- 59a64f53 - Use scanner instead of analyzer for scan.scanner
- 37f7690d - Update expectations
- c0182179 - Update CLI app values
- a2289dd8 - Remove init function
- f1485006 - Fixes after code review
- e8eb4a21 - Update qa expectation
Toggle commit list-
4ba2160b...a69fcf92 - 10 commits from branch
assigned to @dsearles and unassigned @adamcohen
mentioned in commit bd6b6127