diff options
-rw-r--r-- | changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml | 5 | ||||
-rw-r--r-- | lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml | 16 |
2 files changed, 18 insertions, 3 deletions
diff --git a/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml b/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml new file mode 100644 index 00000000000..bce5781afec --- /dev/null +++ b/changelogs/unreleased/10842-add-missing-environments-variable-to-the-sast-analyzer-docker-container.yml @@ -0,0 +1,5 @@ +--- +title: 'Fix: propagate all documented ENV vars to CI when using SAST' +merge_request: 10842 +author: +type: fixed diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml index abf16e5b2e7..8713b833011 100644 --- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml @@ -31,19 +31,29 @@ sast: - | docker run \ $(propagate_env_vars \ + SAST_BANDIT_EXCLUDED_PATHS \ SAST_ANALYZER_IMAGES \ SAST_ANALYZER_IMAGE_PREFIX \ SAST_ANALYZER_IMAGE_TAG \ SAST_DEFAULT_ANALYZERS \ - SAST_EXCLUDED_PATHS \ - SAST_BANDIT_EXCLUDED_PATHS \ + SAST_PULL_ANALYZER_IMAGES \ SAST_BRAKEMAN_LEVEL \ - SAST_GOSEC_LEVEL \ SAST_FLAWFINDER_LEVEL \ SAST_GITLEAKS_ENTROPY_LEVEL \ + SAST_GOSEC_LEVEL \ + SAST_EXCLUDED_PATHS \ SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \ SAST_PULL_ANALYZER_IMAGE_TIMEOUT \ SAST_RUN_ANALYZER_TIMEOUT \ + ANT_HOME \ + ANT_PATH \ + GRADLE_PATH \ + JAVA_OPTS \ + JAVA_PATH \ + MAVEN_CLI_OPTS \ + MAVEN_PATH \ + MAVEN_REPO_PATH \ + SBT_PATH \ ) \ --volume "$PWD:/code" \ --volume /var/run/docker.sock:/var/run/docker.sock \ |