Versions Compared

Version Old Version 9 New Version 10
Changes made by

Victor Wang

Victor Wang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
image: atlassian/default-image:3

pipelines:
  # Triggers the pipeline on push events but only for the "main" branch
  # Adapt triggers to your own needs
  branches:
    main:
      - step:
          name: 'Data Theorem SAST'
          image: us-central1-docker.pkg.dev/devprod-scandal-us/datatheorem-sast-dev/datatheorem-sast-dev:latest
          script:
            - echo "Your security scan goes here..."
            - export DT_SAST_API_KEY=$DT_SAST_API_KEY
            - export DT_SAST_REPOSITORY_NAME=$BITBUCKET_REPO_FULL_NAME
            - export DT_SAST_REPOSITORY_PLATFORM=BITBUCKET
            - export DT_SAST_REPOSITORY_ID=$BITBUCKET_REPO_UUID
            - export DT_SAST_REPOSITORY_HTML_URL=$BITBUCKET_GIT_HTTP_ORIGIN
            - export DT_SAST_REPOSITORY_DEFAULT_BRANCH_NAME="main"
            - data_theorem_sast_analyzer scan ./


  pull-requests:
    # Triggers the pipeline on pull request events
    # Adapt triggers to your own needs
    "**":
      - step:
          name: 'Data Theorem SAST'
          image: us-central1-docker.pkg.dev/prod-scandal-us/datatheorem-sast/datatheorem-sast:latest
          script:
            - echo "Your security scan goes here..."
            - export DT_SAST_API_KEY=$DT_SAST_API_KEY
            - export DT_SAST_REPOSITORY_NAME=$BITBUCKET_REPO_FULL_NAME
            - export DT_SAST_REPOSITORY_PLATFORM=BITBUCKET
            - export DT_SAST_REPOSITORY_ID=$BITBUCKET_REPO_UUID
            - export DT_SAST_REPOSITORY_HTML_URL=$BITBUCKET_GIT_HTTP_ORIGIN
            - export DT_SAST_REPOSITORY_DEFAULT_BRANCH_NAME="main"
            - export DT_SAST_SCAN_HEAD_REF=$BITBUCKET_COMMIT
            - export DT_SAST_SCAN_TARGET_REF=$BITBUCKET_PR_DESTINATION_COMMIT
            - export DT_SAST_FAIL_MODE=true
            - data_theorem_sast_analyzer scan ./

...

Code Block
stages:
  - security-scan

datatheorem-sast-scan-job:
  tags:
    - gitlab-runner-docker # Needs to be an executor compatible with the`image` feature
  stage: security-scan
  image: us-central1-docker.pkg.dev/devprod-scandal-us/datatheorem-sast-dev/datatheorem-sast-dev:latest 
  script:
    - echo $CI_COMMIT_REF_NAME $CI_COMMIT_BRANCH
    - export DT_SAST_API_KEY=$DT_SAST_API_KEY
    - export DT_SAST_REPOSITORY_NAME=$CI_PROJECT_PATH
    - export DT_SAST_REPOSITORY_PLATFORM="GITLAB_ON_PREM"
    - export DT_SAST_REPOSITORY_ID=$CI_PROJECT_ID
    - export DT_SAST_REPOSITORY_HTML_URL=$CI_PROJECT_URL
    - export DT_SAST_REPOSITORY_DEFAULT_BRANCH_NAME=$CI_DEFAULT_BRANCH
    - export DT_SAST_SCAN_HEAD_REF=$CI_COMMIT_BRANCH
    - data_theorem_sast_analyzer scan ./