gitlab.com/gitlab-org/gitlab-foss.git
author GitLab Bot <gitlab-bot@gitlab.com> 2021-06-13 15:10:15 +0300
committer GitLab Bot <gitlab-bot@gitlab.com> 2021-06-13 15:10:15 +0300
commit 2d027c892abf04bbe74d15f205376a27f7107d55
tree 25b5424c79000a48248df8a28272b1691788385a
parent 19197d7806afe14fa971c7ce1d107679e26c8a8c
Add latest changes from gitlab-org/gitlab@master
-rw-r--r-- doc/user/application_security/sast/index.md 18
1 files changed, 18 insertions, 0 deletions
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index ac877fde034..da9b09e92c1 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -239,6 +239,24 @@ spotbugs-sast:
FAIL_NEVER: 1
```
+#### Pinning to minor image version
+
+While our templates use `MAJOR` version pinning to always ensure the latest analyzer
+versions are pulled, there are certain cases where it can be beneficial to pin
+an analyzer to a specific release. To do so, override the `SAST_ANALYZER_IMAGE_TAG` CI/CD variable
+in the job template directly.
+
+In the example below, we are pinning to a specific patch version of the `spotbugs` analyzer:
+
+```yaml
+include:
+ - template: Security/SAST.gitlab-ci.yml
+
+spotbugs-sast:
+ variables:
+ SAST_ANALYZER_IMAGE_TAG: "2.28.1"
+```
+
### Customize rulesets **(ULTIMATE)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235382) in GitLab 13.5.
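
Review bot: The new heading `#### Pinning to minor image version` says "minor", but the paragraph and the example under it pin to a patch release (`SAST_ANALYZER_IMAGE_TAG: "2.28.1"`, introduced as "a specific patch version"). Rename the heading to match what is shown, for example "Pinning to a specific image version", or make the example and wording minor-level if that is what was intended. The paragraph also says `MAJOR` pinning exists so that the latest analyzer versions are pulled, but it does not state the other side of that trade-off: a job pinned this way stays on that release until someone changes the variable by hand. One sentence saying so would tell readers they need to track analyzer releases themselves once they pin.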