Remove security checks from static analysis and add sast job

2017-12-23 14:18:39 +00:00 · 2017-12-23 14:18:39 +00:00 · ef82cbef90
parent 6c967c2b5b
commit ef82cbef90
2 changed files with 8 additions and 2 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -600,6 +600,14 @@ codequality:
  artifacts:
    paths: [codeclimate.json]

+sast:
+  image: registry.gitlab.com/gitlab-org/gl-sast:latest
+  before_script: []
+  script:
+    - /app/bin/run .
+  artifacts:
+    paths: [gl-sast-report.json]
+
 qa:internal:
  <<: *dedicated-runner
  <<: *except-docs
--- a/scripts/static-analysis
+++ b/scripts/static-analysis
@ -3,12 +3,10 @@
 require ::File.expand_path('../lib/gitlab/popen', __dir__)

 tasks = [
-  %w[bundle exec bundle-audit check --update],
  %w[bundle exec rake config_lint],
  %w[bundle exec rake flay],
  %w[bundle exec rake haml_lint],
  %w[bundle exec rake scss_lint],
-  %w[bundle exec rake brakeman],
  %w[bundle exec license_finder],
  %w[yarn run eslint],
  %w[bundle exec rubocop --parallel],