Commit 6177fdbe authored by Can Eldem, committed by Nick Gaskill

Tell SAST, DS detection is based on default branch (non-DinD)

parent c2db4e3e
...@@ -204,7 +204,11 @@ to start relevant analyzers depending on the detected repository language(s) ins ...@@ -204,7 +204,11 @@ to start relevant analyzers depending on the detected repository language(s) ins
are some differences in the way repository languages are detected between DIND and non-DIND. You can are some differences in the way repository languages are detected between DIND and non-DIND. You can
observe these differences by checking both Linguist and the common library. For instance, Linguist observe these differences by checking both Linguist and the common library. For instance, Linguist
looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven) looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven)
image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses
Linguist to detect new file types in the default branch. This means that when introducing files or
dependencies for a new language or package manager, the corresponding scans won't be triggered in
the MR and will only run on the default branch once the MR is merged. This will be addressed by
[#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702).
## Interacting with the vulnerabilities ## Interacting with the vulnerabilities
......
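Review bot: The added sentence beginning "GitLab uses Linguist to detect new file types in the default branch" does not say which mode it applies to, even though the commit subject limits it to non-DinD and the paragraph it is appended to contrasts DIND with non-DIND. Suggest opening it with the mode (for example "In non-DIND mode, GitLab uses Linguist ...") and moving it to its own paragraph, because it describes a coverage gap rather than another detection difference: a merge request that introduces a new language or package manager is not scanned until after it is merged. The closing "This will be addressed by" reads as a promise that will age; "tracked in #211702" states the same thing without a commitment.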
...@@ -193,7 +193,10 @@ are some differences in the way repository languages are detected between DIND a ...@@ -193,7 +193,10 @@ are some differences in the way repository languages are detected between DIND a
observe these differences by checking both Linguist and the common library. For instance, Linguist observe these differences by checking both Linguist and the common library. For instance, Linguist
looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs)
image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`,
`grailsw`, or `mvnw`. `grailsw`, or `mvnw`. GitLab uses Linguist to detect new file types in the default branch. This
means that when introducing files or dependencies for a new language or package manager, the
corresponding scans won't be triggered in the MR and will only run on the default branch once the
MR is merged. This will be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702).
#### Enabling kubesec analyzer #### Enabling kubesec analyzer
......
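Review bot: The sentences added after "`grailsw`, or `mvnw`." repeat the text added in the gemnasium-maven hunk word for word, so the two copies can drift apart when one is updated. Consider keeping the explanation in one place and linking to it from the other, or at least wording this copy for the page it sits on by naming the analyzers concerned instead of "the corresponding scans". Also spell out "merge request" on first use rather than "MR", and state that the limitation applies to non-DIND mode, as the commit subject does.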