Hello, I’m having some problems setting up the SAST for my gitlab repos. I created a .gitlab-ci.yml file with the templates to include: template: Security/SAST.gitlab-ci.yml and then i also added the SAST.gitlab-ci.yml file copied from the gitlab repo but when I run the pipelines on test files where I clearly have a password or api key in the file, the SAST still passes when its suppose to fail. Am I missing something here?
include:
- template: Security/Secret-Detection.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
secret_detection:
variables:
GIT_DEPTH: 100
SECRET_DETECTION_HISTORIC_SCAN: "true"