Gitlab CI SAST在下一阶段使用gl-SAST-report.json报告的工件，使用2个不同的扫描仪_Gitlab_Gitlab Ci

Gitlab CI SAST在下一阶段使用gl-SAST-report.json报告的工件，使用2个不同的扫描仪

gitlab

Gitlab CI SAST在下一阶段使用gl-SAST-report.json报告的工件，使用2个不同的扫描仪,gitlab,gitlab-ci,Gitlab,Gitlab Ci,我希望在CI的后续阶段中使用从SAST阶段生成的工件。我的项目有两种不同的文件类型，.py和.js stages: - test - upload include: - template: Security/SAST.gitlab-ci.yml sast: stage: test allow_failure: true artifacts: paths: [gl-sast-report.json] reports: sast: gl-sast

我希望在CI的后续阶段中使用从SAST阶段生成的工件。我的项目有两种不同的文件类型，.py和.js

stages:
   - test
   - upload
include:
 - template: Security/SAST.gitlab-ci.yml
 
sast:
 stage: test    
 allow_failure: true
 artifacts:
   paths: [gl-sast-report.json]
   reports:
     sast: gl-sast-report.json
bandit-sast:
 artifacts:
   paths: [gl-sast-report.json]
   reports:
     sast: gl-sast-report.json
eslint-sast:
 artifacts:
   paths: [gl-sast-report.json]
   reports:
     sast: gl-sast-report.json
send-reports:
 stage: upload
 rules:
   - if: $CI_COMMIT_BRANCH == "master"
   - if: $CI_MERGE_REQUEST_IID
 artifacts:
   paths: [gl-sast-report.json]
   reports:
     sast: gl-sast-report.json
 script: |
   ls
   cat gl-sast-report.json

bandit和eslint阶段都会生成报告，但对于send report阶段，只会显示eslint报告。有没有关于如何在下一阶段使用get获取两个报告的想法？这是来自gitlab runner的，它只显示eslint报告。当我删除js文件时，会显示bandit报告

Downloading artifacts
00:01
Downloading artifacts for bandit-sast (833806353)...
Downloading artifacts from coordinator... ok        id=833806353 responseStatus=200 OK token=m4wuayAs
Downloading artifacts for eslint-sast (833806354)...
Downloading artifacts from coordinator... ok        id=833806354 responseStatus=200 OK token=skGyM8bW

我已尝试将bandit sast路径和报告的名称更改为bandit-report.json，但这会导致作业在上载工件步骤失败，找不到匹配的文件

Uploading artifacts for successful job
00:01
Uploading artifacts...
WARNING: bandit-report.json: no matching files     
ERROR: No files to upload