Skip to content
  • Added

    By Invited User iu6t37r3 on 2021-04-24T08:57:55 (imported from GitLab)

    By Kendra Marquart on 2021-04-24T08:57:55 (imported from GitLab)

  • My pipeline does not dectect any vulnerability :(

    By Invited User iugqq0tl on 2021-04-24T09:12:02 (imported from GitLab)

    By Kendra Marquart on 2021-04-24T09:12:02 (imported from GitLab)

  • Works

    By Invited User iuoc3van on 2021-04-27T02:45:18 (imported from GitLab)

    By Kendra Marquart on 2021-04-27T02:45:18 (imported from GitLab)

  • someone could explain me why my pipeline doesn't detected any vulnerability ?

    By Invited User iuocnj7k on 2021-04-27T21:31:55 (imported from GitLab)

    By Kendra Marquart on 2021-04-27T21:31:55 (imported from GitLab)

  • It works for me

    By Invited User iu2rtbqr on 2021-04-28T16:10:35 (imported from GitLab)

    By Kendra Marquart on 2021-04-28T16:10:35 (imported from GitLab)

  • Well, for me, the sast job correctly generated the artifact, reporting the vulnerability. However, Gitlab's coordinator (Demo Cloud server) did not properly receive the message and update the security info tab. Didn't dig into what happened in the internals.

    By Invited User iuttd2kp on 2021-04-28T21:52:47 (imported from GitLab)

    By Kendra Marquart on 2021-04-28T21:52:47 (imported from GitLab)

    Edited by Administrator
  • commit

    By Invited User iulqhcdp on 2021-05-03T23:56:27 (imported from GitLab)

    By Kendra Marquart on 2021-05-03T23:56:27 (imported from GitLab)

  • Same, did not get any "Errors unhandled" :(

    By Invited User iuwbqtcm on 2021-05-04T10:14:52 (imported from GitLab)

    By Kendra Marquart on 2021-05-04T10:14:52 (imported from GitLab)

  • added

    By Invited User iuigotb0 on 2021-05-04T22:50:03 (imported from GitLab)

    By Kendra Marquart on 2021-05-04T22:50:03 (imported from GitLab)

  • Hi @kmarquart! Why nothing is reported on Gitlab Demo Cloud?

    I added on .gitlab-ci.yml:


    include:

    • template: Security/SAST.gitlab-ci.yml

    variables: SAST_GOSEC_LEVEL: 2

    I tried also SAST_GOSEC_LEVEL: 3 and without this variable...

    By Invited User iuh3cjwh on 2021-05-07T06:35:22 (imported from GitLab)

    By Kendra Marquart on 2021-05-07T06:35:22 (imported from GitLab)

  • added

    By Invited User iuk2byl6 on 2021-05-08T03:17:27 (imported from GitLab)

    By Kendra Marquart on 2021-05-08T03:17:27 (imported from GitLab)

  • 1 vulnerability found on tab Security, but the pipeline (gosec-sast job) have passed status

    By Invited User iuuhhqgl on 2021-05-09T15:00:22 (imported from GitLab)

    By Kendra Marquart on 2021-05-09T15:00:22 (imported from GitLab)

  • Works

    By Invited User iu76nlcd on 2021-05-18T14:48:34 (imported from GitLab)

    By Kendra Marquart on 2021-05-18T14:48:34 (imported from GitLab)

  • For the first time my pipeline does not dectect any vulnerability, so I did the tab Security&Compliance -> configuration -> enable SAST Configuration -> create Merge request -> submit Merge request -> merge

    Now I have one low vulnerability on the tab Security&Compliance -> vulnerability Report, in my pipeline I saw gosec-sast and test1 failed .

    But when I return the tab Security&Compliance -> configuration I saw that the SAST Configuration is unable, I don't know why

    By Invited User iu5o9o6b on 2021-05-19T15:31:59 (imported from GitLab)

    By Kendra Marquart on 2021-05-19T15:31:59 (imported from GitLab)

0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment