From ef82cbef90c59a8d1d59f05d4acf75a2ecbb42c9 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Sat, 23 Dec 2017 14:18:39 +0000
Subject: Remove security checks from static analysis and add sast job

---
 .gitlab-ci.yml          | 8 ++++++++
 scripts/static-analysis | 2 --
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 4b149b13178..6ca2fb471aa 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -600,6 +600,14 @@ codequality:
   artifacts:
     paths: [codeclimate.json]
 
+sast:
+  image: registry.gitlab.com/gitlab-org/gl-sast:latest
+  before_script: []
+  script:
+    - /app/bin/run .
+  artifacts:
+    paths: [gl-sast-report.json]
+
 qa:internal:
   <<: *dedicated-runner
   <<: *except-docs
diff --git a/scripts/static-analysis b/scripts/static-analysis
index 51a2fd81a79..2a2bc67800d 100755
--- a/scripts/static-analysis
+++ b/scripts/static-analysis
@@ -3,12 +3,10 @@
 require ::File.expand_path('../lib/gitlab/popen', __dir__)
 
 tasks = [
-  %w[bundle exec bundle-audit check --update],
   %w[bundle exec rake config_lint],
   %w[bundle exec rake flay],
   %w[bundle exec rake haml_lint],
   %w[bundle exec rake scss_lint],
-  %w[bundle exec rake brakeman],
   %w[bundle exec license_finder],
   %w[yarn run eslint],
   %w[bundle exec rubocop --parallel],
-- 
cgit v1.2.1