enforce SAST runner arch
This commit is contained in:
parent
d6a76a9fe6
commit
9afa7b9196
1 changed files with 20 additions and 0 deletions
|
|
@ -178,6 +178,10 @@ variables:
|
|||
# https://docs.gitlab.com/user/application_security/detect/security_configuration/#use-security-scanning-tools-with-merge-request-pipelines
|
||||
AST_ENABLE_MR_PIPELINES: 'true'
|
||||
|
||||
dependency_scanning:
|
||||
tags:
|
||||
ARCH: amd64
|
||||
|
||||
# https://docs.gitlab.com/user/application_security/container_scanning/#scanning-archives-built-in-a-previous-job
|
||||
# https://docs.gitlab.com/user/application_security/detect/security_configuration/#error-chosen-stage-test-does-not-exist
|
||||
container_scanning:
|
||||
|
|
@ -190,9 +194,25 @@ container_scanning:
|
|||
rules:
|
||||
- if: $CI_PIPELINE_SOURCE != 'push' || ($CI_COMMIT_BRANCH != 'develop' && $CI_COMMIT_BRANCH != 'stable' && $CI_COMMIT_TAG != '')
|
||||
when: never
|
||||
tags:
|
||||
ARCH: amd64
|
||||
|
||||
sast:
|
||||
tags:
|
||||
ARCH: amd64
|
||||
|
||||
gitlab-advanced-sast:
|
||||
tags:
|
||||
ARCH: amd64
|
||||
|
||||
secret_detection:
|
||||
tags:
|
||||
ARCH: amd64
|
||||
|
||||
libbehave-experiment:
|
||||
# https://gitlab.com/gitlab-org/security-products/demos/experiments/libbehave/npm-demo/-/blob/add_dependencies/.gitlab-ci.yml?ref_type=heads#L6
|
||||
# https://stackoverflow.com/a/70360201
|
||||
rules:
|
||||
- if: $CI_PIPELINE_SOURCE == 'merge_request_event'
|
||||
tags:
|
||||
ARCH: amd64
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue