From b7c22742a369271e9ccff18f9399070984771b49 Mon Sep 17 00:00:00 2001 From: can eldem Date: Tue, 7 Apr 2020 10:06:27 +0100 Subject: [PATCH 01/11] Add additional detail for no-dind --- doc/user/application_security/dependency_scanning/index.md | 3 ++- doc/user/application_security/sast/index.md | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index faf885b6552fab..93f95cfaa3682a 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -204,7 +204,8 @@ to start relevant analyzers depending on the detected repository language(s) ins are some differences in the way repository languages are detected between DIND and non-DIND. You can observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven) -image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. +image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in `default_branch` which means that when introducing files or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. + This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211694) ## Interacting with the vulnerabilities diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index c864abfe1aeab0..352369059fadd8 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md 
@@ -193,7 +193,8 @@ are some differences in the way repository languages are detected between DIND a observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, -`grailsw`, or `mvnw`. +`grailsw`, or `mvnw`. GitLab uses Linguist to detect new files in `default_branch` which means that when introducing file types or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. +This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211694) #### Enabling kubesec analyzer -- GitLab From 8dec1b45ebc8d5369b30db3984e4195f5f47c9a8 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 14:01:17 +0000 Subject: [PATCH 02/11] Apply suggestion to doc/user/application_security/dependency_scanning/index.md --- doc/user/application_security/dependency_scanning/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index 93f95cfaa3682a..e8a4d324bf62eb 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md 
@@ -205,7 +205,7 @@ are some differences in the way repository languages are detected between DIND a observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven) image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in `default_branch` which means that when introducing files or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. - This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211694) + This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702) ## Interacting with the vulnerabilities -- GitLab From de37e8e791e30daedd47d63897b4c85482115bd5 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 14:01:39 +0000 Subject: [PATCH 03/11] Apply suggestion to doc/user/application_security/sast/index.md --- doc/user/application_security/sast/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index 352369059fadd8..6706dc46a84e65 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md 
@@ -194,7 +194,7 @@ observe these differences by checking both Linguist and the common library. For looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, `grailsw`, or `mvnw`. GitLab uses Linguist to detect new files in `default_branch` which means that when introducing file types or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. -This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211694) +This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702) #### Enabling kubesec analyzer -- GitLab From b09fe1db550bbaf624eed4b4d5a071a29b3a15f2 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 14:04:53 +0000 Subject: [PATCH 04/11] Apply suggestion to doc/user/application_security/sast/index.md --- doc/user/application_security/sast/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index 6706dc46a84e65..a34a9643727dad 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md 
@@ -193,7 +193,7 @@ are some differences in the way repository languages are detected between DIND a observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, -`grailsw`, or `mvnw`. GitLab uses Linguist to detect new files in `default_branch` which means that when introducing file types or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. +`grailsw`, or `mvnw`. GitLab uses Linguist to detect new files in the default branch which means that when introducing file types or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the default branch once the MR is merged. This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702) #### Enabling kubesec analyzer -- GitLab From 7b446748438207d9d2368a52c72dcc182af8ce93 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 14:06:40 +0000 Subject: [PATCH 05/11] Change default_branch as default branch --- doc/user/application_security/dependency_scanning/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index e8a4d324bf62eb..2d4a4588ea2cf2 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md 
@@ -204,7 +204,7 @@ to start relevant analyzers depending on the detected repository language(s) ins are some differences in the way repository languages are detected between DIND and non-DIND. You can observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven) -image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in `default_branch` which means that when introducing files or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. +image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in default branch which means that when introducing files or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702) ## Interacting with the vulnerabilities -- GitLab From 0831218878819852e8a8aa22aa3ed1331f6b0e72 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 17:41:24 +0000 Subject: [PATCH 06/11] Apply suggestion to doc/user/application_security/dependency_scanning/index.md --- doc/user/application_security/dependency_scanning/index.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index 2d4a4588ea2cf2..cff14b8a1ec438 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md 
@@ -204,8 +204,11 @@ to start relevant analyzers depending on the detected repository language(s) ins are some differences in the way repository languages are detected between DIND and non-DIND. You can observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven) -image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in default branch which means that when introducing files or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the `default_branch` once the MR is merged. - This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702) +image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses +Linguist to detect new file types in the default branch. This means that when introducing files or +dependencies for a new language or package manager, the corresponding scans won't be triggered in +the MR and will only run on the `default_branch` once the MR is merged. This will be addressed by +[#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702). ## Interacting with the vulnerabilities -- GitLab From d3e6bc992e00ef1c1a2a40e8e9b4a64088d9f710 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 17:41:36 +0000 Subject: [PATCH 07/11] Apply suggestion to doc/user/application_security/sast/index.md --- doc/user/application_security/sast/index.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index a34a9643727dad..92cbb958a4d80e 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md 
@@ -193,8 +193,10 @@ are some differences in the way repository languages are detected between DIND a observe these differences by checking both Linguist and the common library. For instance, Linguist looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, -`grailsw`, or `mvnw`. GitLab uses Linguist to detect new files in the default branch which means that when introducing file types or dependencies for a new language/package manager, the corresponding scans won't be triggered in the MR, and will only run on the default branch once the MR is merged. -This is going to be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702) +`grailsw`, or `mvnw`. GitLab uses Linguist to detect new file types in the default branch. This +means that when introducing files or dependencies for a new language or package manager, the +corresponding scans won't be triggered in the MR and will only run on the `default_branch` once the +MR is merged. This will be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702). #### Enabling kubesec analyzer -- GitLab From d6cf85cc31f04f8e70c03d15072936bebe09871c Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 17:42:32 +0000 Subject: [PATCH 08/11] Update formatting for default_branch word --- doc/user/application_security/sast/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index 92cbb958a4d80e..0246a8355d8b0c 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md 
@@ -195,7 +195,7 @@ looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, `grailsw`, or `mvnw`. GitLab uses Linguist to detect new file types in the default branch. This means that when introducing files or dependencies for a new language or package manager, the -corresponding scans won't be triggered in the MR and will only run on the `default_branch` once the +corresponding scans won't be triggered in the MR and will only run on the default_branch once the MR is merged. This will be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702). #### Enabling kubesec analyzer -- GitLab From 5bad2a995ce6061889638c1539d74e5e08555264 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 17:43:14 +0000 Subject: [PATCH 09/11] Update default branch world in ds --- doc/user/application_security/dependency_scanning/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index cff14b8a1ec438..b37eaf4c9873a6 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md 
@@ -207,7 +207,7 @@ looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/git image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in the default branch. This means that when introducing files or dependencies for a new language or package manager, the corresponding scans won't be triggered in -the MR and will only run on the `default_branch` once the MR is merged. This will be addressed by +the MR and will only run on the default_branch once the MR is merged. This will be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702). ## Interacting with the vulnerabilities -- GitLab From 113a184c1aeaf45f2b6cf8823193d7e5c6e86fc2 Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 17:43:54 +0000 Subject: [PATCH 10/11] Add empty space between ds --- doc/user/application_security/dependency_scanning/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index b37eaf4c9873a6..e71c55f80388ce 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md 
@@ -207,7 +207,7 @@ looks for `*.java` files to spin up the [gemnasium-maven](https://gitlab.com/git image, while orchestrator only looks for the existence of `pom.xml` or `build.gradle`. GitLab uses Linguist to detect new file types in the default branch. This means that when introducing files or dependencies for a new language or package manager, the corresponding scans won't be triggered in -the MR and will only run on the default_branch once the MR is merged. This will be addressed by +the MR and will only run on the default branch once the MR is merged. This will be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702). ## Interacting with the vulnerabilities -- GitLab From 79697aaaf954c78e7125318fd95069b321c795ed Mon Sep 17 00:00:00 2001 From: Can Eldem Date: Tue, 7 Apr 2020 17:44:31 +0000 Subject: [PATCH 11/11] Add empty space between default branch sast --- doc/user/application_security/sast/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index 0246a8355d8b0c..a2b365c672aca6 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md @@ -195,7 +195,7 @@ looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`, `grailsw`, or `mvnw`. GitLab uses Linguist to detect new file types in the default branch. This means that when introducing files or dependencies for a new language or package manager, the -corresponding scans won't be triggered in the MR and will only run on the default_branch once the +corresponding scans won't be triggered in the MR and will only run on the default branch once the MR is merged. This will be addressed by [#211702](https://gitlab.com/gitlab-org/gitlab/-/issues/211702). #### Enabling kubesec analyzer -- GitLab
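Review bot: In PATCH 01/11 the link added at the end of both hunks shows `#211702` as its text but targets `.../issues/211694`, so the label and the destination disagree and a reader cannot tell which issue tracks the fix. PATCH 02/11 and 03/11 correct the URL to `211702`; that correction belongs in this commit. The two added sentences also differ between the files ("detect new file types ... introducing files" in dependency_scanning/index.md, "detect new files ... introducing file types" in sast/index.md), the dependency scanning line starts with a stray leading space before "This is going to be addressed", and neither closing sentence has a period.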
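Review bot: The replacement line in PATCH 05/11 is only half converted: it rewrites the first `default_branch` as "default branch" but leaves "will only run on the `default_branch`" later in the same line, and "in default branch" drops the article that the matching sast change in PATCH 04/11 uses ("in the default branch"). Change both occurrences in one edit and keep the wording identical across the two files.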
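Review bot: PATCH 08/11 and 09/11 strip the backticks but keep the underscore, leaving a bare "default_branch" in running text that is neither prose nor a code reference; PATCH 10/11 and 11/11 then exist only to replace the underscore with a space. These four single-word commits, together with 02/11 through 05/11, should be squashed into the first commit so the history shows one documentation change. The subjects "Update default branch world in ds" and "Add empty space between ds" do not describe what changed; a subject such as "Use 'default branch' as plain text in dependency scanning docs" would.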
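Review bot: The sentence added in PATCH 06/11 and 07/11 ("GitLab uses Linguist to detect new file types in the default branch") does not say which mode it applies to, although it is appended to a paragraph that contrasts DIND with non-DIND detection and the series subject is "Add additional detail for no-dind". State explicitly whether the limitation affects non-DIND only. The text should also spell out the consequence for reviewers: a merge request that introduces the first files or dependencies of a new language shows no findings for that language because the scan did not run, not because the code is clean, and results first appear on the default branch after merge. "MR" is used three times without being expanded; write "merge request".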