brakeman and nodejs-scan SAST checks failing to run
Follow-up from !4767 (comment 1899517126).
Pipelines from May 8, 2024, 3:47 PM (CDT) onward are warning about SAST checks failing to run: https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines?page=3&scope=all
The error in both jobs is the same:
$ /analyzer run
/bin/bash: line 183: /analyzer: No such file or directoryJobs with errors:
- brakeman-sast https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/6811054372
- nodejs-scan-sast https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/6811054375
Compare to these same jobs, which were previously passing:
- brakeman-sast https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/6810382685
- nodejs-scan-sast https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/6810382687
The failing jobs are running in this image:
Using docker image sha256:dc32195ec5c72baef091fedc9d737d0a40f14a3ec003baf23a56b7a48ed5ca86 for registry.gitlab.com/gitlab-org/gitlab-docs/base:alpine-3.19-ruby-3.2.3-eee6c4c0 with digest registry.gitlab.com/gitlab-org/gitlab-docs/base@sha256:a227dc0e7ce3ce6ea95a83aeda7434dafbe569d836736a83c7c02607519a97e9 ...But the passing jobs were running in this:
Using docker image sha256:e169bff7d46368d075d4de7734a1eca15d38235b3cc69e44fa39291fca2f332d for registry.gitlab.com/security-products/nodejs-scan:4 with digest registry.gitlab.com/security-products/nodejs-scan@sha256:6e2def1009e1922307e94a01fb055f4e2ff6298ec28b2175db16161cb8f73424 ...There are no MRs in gitlab-docs around the time of the behavior change that seem related.
I wonder if it's related to deprecations in 17.0: https://docs.gitlab.com/ee/update/deprecations.html?removal_milestone=17.0#sast-analyzer-coverage-changing-in-gitlab-170