Gitlab CI SAST在下一阶段使用gl-SAST-report.json报告的工件,使用2个不同的扫描仪
我希望在CI的后续阶段中使用从SAST阶段生成的工件。我的项目有两种不同的文件类型,.py和.jsGitlab CI SAST在下一阶段使用gl-SAST-report.json报告的工件,使用2个不同的扫描仪,gitlab,gitlab-ci,Gitlab,Gitlab Ci,我希望在CI的后续阶段中使用从SAST阶段生成的工件。我的项目有两种不同的文件类型,.py和.js stages: - test - upload include: - template: Security/SAST.gitlab-ci.yml sast: stage: test allow_failure: true artifacts: paths: [gl-sast-report.json] reports: sast: gl-sast
stages:
- test
- upload
include:
- template: Security/SAST.gitlab-ci.yml
sast:
stage: test
allow_failure: true
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
bandit-sast:
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
eslint-sast:
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
send-reports:
stage: upload
rules:
- if: $CI_COMMIT_BRANCH == "master"
- if: $CI_MERGE_REQUEST_IID
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
script: |
ls
cat gl-sast-report.json
bandit和eslint阶段都会生成报告,但对于send report阶段,只会显示eslint报告。有没有关于如何在下一阶段使用get获取两个报告的想法?
这是来自gitlab runner的,它只显示eslint报告。当我删除js文件时,会显示bandit报告
Downloading artifacts
00:01
Downloading artifacts for bandit-sast (833806353)...
Downloading artifacts from coordinator... ok id=833806353 responseStatus=200 OK token=m4wuayAs
Downloading artifacts for eslint-sast (833806354)...
Downloading artifacts from coordinator... ok id=833806354 responseStatus=200 OK token=skGyM8bW
我已尝试将bandit sast路径和报告的名称更改为bandit-report.json,但这会导致作业在上载工件步骤失败,找不到匹配的文件
Uploading artifacts for successful job
00:01
Uploading artifacts...
WARNING: bandit-report.json: no matching files
ERROR: No files to upload