Semgrep Service Integration (+single file analysis, +authentication) including documentation for Runway Deployment
What does this MR do?
Migrating Runway configuration from gitlab-org/security-products/analyzers/semgrep!421 (closed) to here.
All changes below are going to be merged into the target branch https://gitlab.com/gitlab-org/security-products/analyzers/semgrep/-/tree/sast-ide_runway which is our integration target for https://gitlab.com/gitlab-org/security-products/analyzers/semgrep/-/tree/sast-ide.
The changes that are already merged OR that are included in this MR, are ticked off.
-
semgrep analyser:
-
Created a new MR that only introduces the build for the service image: gitlab-org/security-products/analyzers/semgrep!432 (merged). This MR was already merged into the mainline of sast-ide-integration with !4 (merged).
-
-
semgrep analyser:
-
Created a new MR that only introduces the single file analysis (without scaffolding): gitlab-org/security-products/analyzers/semgrep!434 (merged) -
Created a new MR that adds rudimentary authentication: gitlab-org/security-products/analyzers/semgrep!436 (merged)
-
-
sast-ide-integration:
-
Runway migration: created an MR to change the project_id
used for runway to the sast-ide-integration project: https://gitlab.com/gitlab-com/gl-infra/platform/runway/provisioner/-/merge_requests/234 -
Runway migration: Move CI configuration that performs the Runway deployment from semgrep analyser to this project: !3 (closed) (this MR) -
Move documentation from !2 (closed) into this MR and update it to reflect the latest changes: !3 (closed) (this MR)
-
Dependencies
- gitlab-org/security-products/analyzers/semgrep!443 (merged)
- gitlab-org/gitlab-vscode-extension!1673 (merged)
What are the relevant issue numbers?
Related MR: gitlab-org/security-products/analyzers/semgrep!421 (closed) Related Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/462808
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Ensure the report version matches the equivalent schema version -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Julian Thome