SAST support for demo project and CI/CD Template

Job #337941973 failed for 25bcf5ef:

Fixed Problem 1

Helper scripts were causing issues when prepping the SAST DinD container, so I amended the job to skip installing SFDX CLI and other prep steps defined in the before_script portion of the project template's gitlab-ci.yml file.

Problem 2 still broken

For some reason I keep getting this error in the SAST job within the pipeline:

npm install babel-plugin-transform-decorators-legacy --save-dev

and add the following line to your .babelrc file:

{
  "plugins": ["transform-decorators-legacy"]
}

The repo url is: https://github.com/loganfsmyth/babel-plugin-transform-decorators-legacy.
    
  16 | ];
  17 | 
> 18 | export default class PropertyMap extends LightningElement {
     |                ^
  19 |     @api recordId;
  20 | 
  21 |     @track zoomLevel = 14;
2019/10/30 23:49:41 exit status 1
2019/10/30 23:49:41 Container exited with non zero status code
Uploading artifacts...
WARNING: gl-sast-report.json: no matching files    
ERROR: No files to upload                          
ERROR: Job failed: exit code 1

In addition, I can't tell if our SAST scan is detecting APEX, but it is detecting Node. Maybe it fails before it gets to APEX scanning?

Status: Downloaded newer image for registry.gitlab.com/gitlab-org/security-products/sast:12-5-stable
2019/10/30 23:49:18 Copy project directory to containers
2019/10/30 23:49:18 [bandit] Detect project using plugin
2019/10/30 23:49:18 [bandit] Project not compatible
2019/10/30 23:49:18 [brakeman] Detect project using plugin
2019/10/30 23:49:18 [brakeman] Project not compatible
2019/10/30 23:49:18 [gosec] Detect project using plugin
2019/10/30 23:49:18 [gosec] Project not compatible
2019/10/30 23:49:18 [spotbugs] Detect project using plugin
2019/10/30 23:49:18 [spotbugs] Project not compatible
2019/10/30 23:49:18 [flawfinder] Detect project using plugin
2019/10/30 23:49:18 [flawfinder] Project not compatible
2019/10/30 23:49:18 [phpcs-security-audit] Detect project using plugin
2019/10/30 23:49:18 [phpcs-security-audit] Project not compatible
2019/10/30 23:49:18 [security-code-scan] Detect project using plugin
2019/10/30 23:49:18 [security-code-scan] Project not compatible
2019/10/30 23:49:18 [nodejs-scan] Detect project using plugin
2019/10/30 23:49:18 [nodejs-scan] Project is compatible
2019/10/30 23:49:18 [nodejs-scan] Starting analyzer...
2: Pulling from gitlab-org/security-products/analyzers/nodejs-scan