Limit SAST to gosec and secrets
What does this MR do?
Fixes broken sast jobs in pipelines: https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs/-/jobs
Prevents spotbugs from blowing up when attempting to scan broken-on-purpose test fixtures
Also rearranges CI to ensure variables take
priority over include for proper overrides
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
- [-] Changelog entry added
- [-] Documentation created/updated for GitLab EE, if necessary
- [-] Documentation created/updated for this project, if necessary
- [-] Documentation reviewed by technical writer or follow-up review issue created
- [-] Tests added for this feature/bug
-
Job definition updated, if necessary -
Auto-DevOps template (also in CE) -
Job definition example -
CI Templates (to be removed) -
Vendored CI Templates (also in CE)
-
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Lucas Charles