SAST include not working on new projects

mlazo · June 29, 2023, 2:14pm

We have existing groups and projects where SAST scans are working using the default yml when enabling SAST:

stages:

test
sast:
stage: test
include:
template: Security/SAST.gitlab-ci.yml

However, when new projects are created under the same pre-existing group the scan is no longer getting invoked. I compared new and old projects and don’t see any configuration(s) that would prevent it from working on new.

Any suggestions?

Current version:

gitlab-ce[15.8.1]

balonik · June 29, 2023, 2:37pm

Are the pipelines triggered or not at all?
Do the new projects have .gitlab-ci.yml?
Do you have AutoDevOps turned off?

mlazo · July 6, 2023, 5:00pm

Hi and thanks for following up!

Pipeline does not trigger at all

Yes they have .gitlab-ci.yml

Yes AutoDevOps it is turned off

balonik · July 7, 2023, 9:06am

If you try to open the Pipeline Editor what does it say?

mlazo · June 5, 2024, 4:26pm

Hello,
Forgive my insanely delayed reply got pulled into other priorities. To follow up on this here is what the UI shows when I try to run the pipeline manually:

The contents of .gitlab-ci.yml is the system default when enabling SAST:
stages:

test

sast:

stage: test

include:

template: Security/SAST.gitlab-ci.yml

Topic		Replies	Views
Custom SAST integration not triggered GitLab CI/CD	1	1041	September 13, 2020
Rules and including only one folder in security scans are not working GitLab CI/CD sast	0	574	May 1, 2023
Adding include: template: Jobs/SAST.gitlab-ci.yml to gitlab-ci.yml doesn't work GitLab CI/CD	3	3373	September 6, 2021
SAST cannot be triggered for my nodejs application DevSecOps	1	1001	October 13, 2020
SAST Testing job not executing from gitlab GitLab CI/CD	2	89	December 2, 2024

SAST include not working on new projects

gitlab-ce[15.8.1]

Related topics