Remove SAST_ANALYZER_IMAGE_TAG from SAST config UI

d1880e31 · Daniel Paul Searles · 422219ba · d1880e31 · d1880e31 · d1880e31
Commit d1880e31 authored Jun 02, 2021 by Daniel Paul Searles
4 changed files
--- a/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
+++ b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
@@ -18,15 +18,6 @@
            "value": "",
            "size": "MEDIUM",
            "description": "Comma-separated list of paths to be excluded from analyzer output. Patterns can be globs, file paths, or folder paths."
-        },
-        {
-            "field" : "SAST_ANALYZER_IMAGE_TAG",
-            "label" : "Image tag",
-            "type": "string",
-            "default_value": "",
-            "value": "",
-            "size": "SMALL",
-            "description": "Analyzer image's tag"
        }
    ],
    "pipeline": [

--- a/lib/security/ci_configuration/sast_build_action.rb
+++ b/lib/security/ci_configuration/sast_build_action.rb
@@ -114,7 +114,6 @@ module Security

      def sast_variables
        %w(
-          SAST_ANALYZER_IMAGE_TAG
          SAST_EXCLUDED_PATHS
          SEARCH_MAX_DEPTH
          SAST_EXCLUDED_ANALYZERS

--- a/qa/qa/specs/features/ee/browser_ui/secure/enable_sast_from_configuration_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/secure/enable_sast_from_configuration_spec.rb
@@ -17,7 +17,6 @@ module QA
        [
          %w(SECURE_ANALYZERS_PREFIX registry.example.com),
          %w(SAST_EXCLUDED_PATHS foo,\ bar),
-          %w(SAST_ANALYZER_IMAGE_TAG latest),
          %w(SAST_BANDIT_EXCLUDED_PATHS exclude_path_a,\ exclude_path_b)
        ]
      end

--- a/spec/lib/security/ci_configuration/sast_build_action_spec.rb
+++ b/spec/lib/security/ci_configuration/sast_build_action_spec.rb
@@ -12,7 +12,6 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
      [
        { 'field' => 'stage', 'defaultValue' => 'test', 'value' => 'test' },
        { 'field' => 'SEARCH_MAX_DEPTH', 'defaultValue' => 4, 'value' => 4 },
-        { 'field' => 'SAST_ANALYZER_IMAGE_TAG', 'defaultValue' => 2, 'value' => 2 },
        { 'field' => 'SAST_EXCLUDED_PATHS', 'defaultValue' => 'spec, test, tests, tmp', 'value' => 'spec, test, tests, tmp' }
      ] }
  end
@@ -26,7 +25,6 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
      [
        { 'field' => 'stage', 'defaultValue' => 'test', 'value' => 'security' },
        { 'field' => 'SEARCH_MAX_DEPTH', 'defaultValue' => 4, 'value' => 1 },
-        { 'field' => 'SAST_ANALYZER_IMAGE_TAG', 'defaultValue' => 2, 'value' => 2 },
        { 'field' => 'SAST_EXCLUDED_PATHS', 'defaultValue' => 'spec, test, tests, tmp', 'value' => 'spec,docs' }
      ] }
  end
@@ -176,7 +174,6 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
          [
            { 'field' => 'stage', 'defaultValue' => 'test', 'value' => 'brand_new_stage' },
            { 'field' => 'SEARCH_MAX_DEPTH', 'defaultValue' => 4, 'value' => 5 },
-            { 'field' => 'SAST_ANALYZER_IMAGE_TAG', 'defaultValue' => 2, 'value' => 2 },
            { 'field' => 'SAST_EXCLUDED_PATHS', 'defaultValue' => 'spec, test, tests, tmp', 'value' => 'spec,docs' }
          ] }
      end
@@ -227,27 +224,27 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
    def existing_gitlab_ci_and_template_array_without_sast
      { "stages" => %w(test security),
       "variables" => { "RANDOM" => "make sure this persists", "SECURE_ANALYZERS_PREFIX" => "localhost:5000/analyzers" },
-       "sast" => { "variables" => { "SAST_ANALYZER_IMAGE_TAG" => 2, "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
+       "sast" => { "variables" => { "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
       "include" => [{ "template" => "existing.yml" }] }
    end

    def existing_gitlab_ci_and_single_template_with_sast_and_default_stage
      { "stages" => %w(test),
       "variables" => { "SECURE_ANALYZERS_PREFIX" => "localhost:5000/analyzers" },
-       "sast" => { "variables" => { "SAST_ANALYZER_IMAGE_TAG" => 2, "SEARCH_MAX_DEPTH" => 1 }, "stage" => "test" },
+       "sast" => { "variables" => { "SEARCH_MAX_DEPTH" => 1 }, "stage" => "test" },
       "include" => { "template" => "Security/SAST.gitlab-ci.yml" } }
    end

    def existing_gitlab_ci_and_single_template_without_sast
      { "stages" => %w(test security),
       "variables" => { "RANDOM" => "make sure this persists", "SECURE_ANALYZERS_PREFIX" => "localhost:5000/analyzers" },
-       "sast" => { "variables" => { "SAST_ANALYZER_IMAGE_TAG" => 2, "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
+       "sast" => { "variables" => { "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
       "include" => { "template" => "existing.yml" } }
    end

    def existing_gitlab_ci_with_no_variables
      { "stages" => %w(test security),
-       "sast" => { "variables" => { "SAST_ANALYZER_IMAGE_TAG" => 2, "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
+       "sast" => { "variables" => { "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
       "include" => [{ "template" => "Security/SAST.gitlab-ci.yml" }] }
    end

@@ -267,7 +264,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
    def existing_gitlab_ci
      { "stages" => %w(test security),
       "variables" => { "RANDOM" => "make sure this persists", "SECURE_ANALYZERS_PREFIX" => "bad_prefix" },
-       "sast" => { "variables" => { "SAST_ANALYZER_IMAGE_TAG" => 2, "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
+       "sast" => { "variables" => { "SEARCH_MAX_DEPTH" => 1 }, "stage" => "security" },
       "include" => [{ "template" => "Security/SAST.gitlab-ci.yml" }] }
    end
  end