Add SAST documentation on SELinux support

ee3d6ef4 · Zach Rice · Russell Dickenson · 4b3a2942 · ee3d6ef4 · ee3d6ef4
Commit ee3d6ef4 authored Apr 20, 2021 by Zach Rice Committed by Russell Dickenson Apr 20, 2021
Showing with 5 additions and 0 deletions

doc/user/application_security/sast/analyzers.md doc/user/application_security/sast/analyzers.md +1 -0

doc/user/application_security/sast/index.md doc/user/application_security/sast/index.md +4 -0

No files found.
--- a/doc/user/application_security/sast/analyzers.md
+++ b/doc/user/application_security/sast/analyzers.md
@@ -54,6 +54,7 @@ support the following features:
 - [Multi-project support](index.md#multi-project-support)
 - [Offline support](index.md#running-sast-in-an-offline-environment)
 - [Emits JSON report format](index.md#reports-json-format)
+- [SELinux support](index.md#running-sast-in-selinux)

 ## Official default analyzers


--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -707,6 +707,10 @@ offline environment, certificate verification with an external source is not pos
 self-signed certificate or disable certificate verification. Refer to the package manager's
 documentation for instructions.

+## Running SAST in SELinux
+
+By default SAST analyzers are supported in GitLab instances hosted on SELinux. Adding a `before_script` in an [overriden SAST job](#overriding-sast-jobs) may not work as runners hosted on SELinux have restricted permissions.
+
 ## Troubleshooting

 ### SAST debug logging