Extract orchestrator, to be moved to the common library (!109) · Merge requests · GitLab.org / security-products / sast

Fabien Catteau requested to merge ee-5908 into master Nov 02, 2018

What does this MR do?

It extracts the code that SAST will share with Dependency Scanning. It's essentially about spawning the analyzers and merging the artifacts they generate. SAST and DS will also share the command line interface.

It's currently based on !108 (merged) which to this day has not been merged into master.

Also, it uses io.Pipe when project files are copied to the container. This avoid running out of memory when dealing with big projects/repos and when bound mounting is not possible.

TODO

Switch to tagged version of common after importing orchestrator

Why was this MR needed?

To reuse as much code as possible b/w SAST and DS, making both projects easier to maintain.

Does this MR meet the acceptance criteria?

Changelog entry added, if necessary
Documentation created/updated
Tests added for this feature/bug

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab-ee/issues/5908
https://gitlab.com/gitlab-org/gitlab-ee/issues/7995

Edited Dec 05, 2018 by Fabien Catteau

Extract orchestrator, to be moved to the common library

What does this MR do?

TODO

Why was this MR needed?

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Merge request reports