We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When trying to run a scan with the shift left test, its not updating the merge request in gitlab.com and self hosted Gitlab CE edition.
The yaml used is:
variables: GITHUB_TOKEN: $GITHUB_TOKEN GITLAB_TOKEN: $GITLAB_TOKEN SCAN_ANNOTATE_PR: "true"
scan: stage: test image: name: quay.io/shiftleft/scan-oss:latest script: - scan --src ${CI_PROJECT_DIR} --type depscan --out_dir ${CI_PROJECT_DIR}/reports rules: - when: always artifacts: name: "$CI_JOB_NAME-$CI_COMMIT_REF_NAME" paths: - $CI_PROJECT_DIR/reports/ when: always
The results looks like:
[15:13:28] INFO Baseline file written to /builds/siva.ah/spring-boot-rest-example/reports/.sastscan.baseline Security Scan Summary ╔════════════════════════╤══════════╤══════╤════════╤═════╤════════╗ ║ Tool │ Critical │ High │ Medium │ Low │ Status ║ ╟────────────────────────┼──────────┼──────┼────────┼─────┼────────╢ ║ Dependency Scan (java) │ 30 │ 50 │ 24 │ 7 │ ❌ ║ ╚════════════════════════╧══════════╧══════╧════════╧═════╧════════╝ Uploading artifacts for failed job Uploading artifacts... /builds/siva.ah/spring-boot-rest-example/reports/: found 7 matching files and directories Uploading artifacts as "archive" to coordinator... ok id=1958602230 responseStatus=201 Created token=gVeUsj1y Cleaning up project directory and file based variables 00:01 ERROR: Job failed: exit code 1
The text was updated successfully, but these errors were encountered:
Am I getting something wrong here?
Sorry, something went wrong.
@avnsiva Is this issue resolved?
No branches or pull requests
When trying to run a scan with the shift left test, its not updating the merge request in gitlab.com and self hosted Gitlab CE edition.
The yaml used is:
variables:
GITHUB_TOKEN: $GITHUB_TOKEN
GITLAB_TOKEN: $GITLAB_TOKEN
SCAN_ANNOTATE_PR: "true"
scan:
stage: test
image:
name: quay.io/shiftleft/scan-oss:latest
script:
- scan --src ${CI_PROJECT_DIR} --type depscan --out_dir ${CI_PROJECT_DIR}/reports
rules:
- when: always
artifacts:
name: "$CI_JOB_NAME-$CI_COMMIT_REF_NAME"
paths:
- $CI_PROJECT_DIR/reports/
when: always
The results looks like:
[15:13:28] INFO Baseline file written to /builds/siva.ah/spring-boot-rest-example/reports/.sastscan.baseline
Security Scan Summary
╔════════════════════════╤══════════╤══════╤════════╤═════╤════════╗
║ Tool │ Critical │ High │ Medium │ Low │ Status ║
╟────────────────────────┼──────────┼──────┼────────┼─────┼────────╢
║ Dependency Scan (java) │ 30 │ 50 │ 24 │ 7 │ ❌ ║
╚════════════════════════╧══════════╧══════╧════════╧═════╧════════╝
Uploading artifacts for failed job
Uploading artifacts...
/builds/siva.ah/spring-boot-rest-example/reports/: found 7 matching files and directories
Uploading artifacts as "archive" to coordinator... ok id=1958602230 responseStatus=201 Created token=gVeUsj1y
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
The text was updated successfully, but these errors were encountered: