fix: Reintroduce top-level SAST_ANALYZER_IMAGE_TAG for SCS
What does this MR do and why?
fix: Reintroduce top-level SAST_ANALYZER_IMAGE_TAG for SCS
Previous MR that added deprecation shim for Security Code Scan v2 to v3
moved the default variable definition into the rules:variables
block.
This is not always present when customers have overridden the entire
rules
block leading to failures to pull images
Relates to #350935 (closed)
How to set up and validate locally
Using CI configuration off this branch update configuration to the following:
include:
# Note if using `template: SAST.gitlab-ci.yml` here, this will fail
- remote: https://gitlab.com/gitlab-org/gitlab/-/raw/set-default-value-for-scs/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml
security-code-scan-sast:
rules:
- if: "$CI_COMMIT_BRANCH"
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Lucas Charles