Merge branch '5040-sast-documentation-snippet-is-invalid' into 'master'

Resolve "SAST documentation snippet is invalid" Closes #5040 See merge request gitlab-org/gitlab-ee!4721

Merge branch '5040-sast-documentation-snippet-is-invalid' into 'master'
Resolve "SAST documentation snippet is invalid" Closes #5040 See merge request gitlab-org/gitlab-ee!4721
3c2bf60c · Dmitriy Zaporozhets · cf3bf235 · 93492538 · 3c2bf60c
Commit 3c2bf60c authored Feb 28, 2018 by Dmitriy Zaporozhets
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 37 deletions

doc/ci/examples/sast.md doc/ci/examples/sast.md +9 -37

No files found.
--- a/doc/ci/examples/sast.md
+++ b/doc/ci/examples/sast.md
@@ -12,9 +12,6 @@ First, you need GitLab Runner with [docker-in-docker executor](https://docs.gitl
 You can then add a new job to `.gitlab-ci.yml`, called `sast`:

 ```yaml
-before_script:
-  - *functions
-
 sast:
  image: docker:latest
  variables:
@@ -23,43 +20,18 @@ sast:
  services:
    - docker:dind
  script:
-    - setup_docker
-    - sast
+    - export SAST_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run 
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}" 
+        --env SAST_DISABLE_REMOTE_CHECKS="${SAST_DISABLE_REMOTE_CHECKS:-false}" 
+        --volume "$PWD:/code" 
+        --volume /var/run/docker.sock:/var/run/docker.sock 
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SAST_VERSION" /app/bin/run /code
  artifacts:
    paths: [gl-sast-report.json]
-
-.functions: &functions |
-  # Variables and functions
-
-  function setup_docker() {
-    if ! docker info &>/dev/null; then
-      if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then
-        export DOCKER_HOST='tcp://localhost:2375'
-      fi
-    fi
-  }
-
-  function sast() {
-    case "$CI_SERVER_VERSION" in
-      *-ee)
-        # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable"
-        SAST_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
-
-        docker run --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}" \
-                   --env SAST_DISABLE_REMOTE_CHECKS="${SAST_DISABLE_REMOTE_CHECKS:-false}" \
-                   --volume "$PWD:/code" \
-                   --volume /var/run/docker.sock:/var/run/docker.sock \
-                   "registry.gitlab.com/gitlab-org/security-products/sast:$SAST_VERSION" /app/bin/run /code
-        ;;
-      *)
-        echo "GitLab Enterprise Edition is required"
-        ;;
-    esac
-  }
 ```

-The above example will create a `sast` job in your CI pipeline and will allow
-you to download and analyze the report artifact in JSON format. Check the
+The above example will create a `sast` job in the `test` stage and will create the required report artifact. Check the
 [Auto-DevOps template](https://gitlab.com/gitlab-org/gitlab-ci-yml/blob/master/Auto-DevOps.gitlab-ci.yml)
 for a full reference.

@@ -82,7 +54,7 @@ TIP: **Tip:**
 Starting with [GitLab Ultimate][ee] 10.3, this information will
 be automatically extracted and shown right in the merge request widget. To do
 so, the CI job must be named `sast` and the artifact path must be
-`gl-sast-report.json`.
+`gl-sast-report.json`. Make sure your pipeline has a stage nammed `test`, or specify another existing stage inside the `sast` job.
 [Learn more on application security testing results shown in merge requests](../../user/project/merge_requests/sast.md).

 ## Supported languages and frameworks