Sast report files are not found

We’re running gitlab 13.0 ultimate self hosted. We didn’t do any sast before (there are no earlier sast-ci configs).
The sast jobs run but:

  • we expect the reports to be uploaded and be available as a downloadable artifact
  • what we see is that the jobs fail because ‘there is no file to upload’.

We didn’t do anything else than just following the guide https://docs.gitlab.com/ee/user/application_security/sast/. We added:

include:
  - template: SAST.gitlab-ci.yml

to our .gitlab-ci.yml and we added the template to the project.

Here is the log job’s console (similar for both the jobs secret-sast and spotbugs-sast):

 Running with gitlab-runner 13.0.0 (c127439c)
   on Ada-Lovelance vyVhpUXz
Preparing the "docker" executor 00:23
Preparing environment 00:01
Getting source from Git repository 00:01
 Fetching changes with git depth set to 50...
 Initialized empty Git repository in /.../.git/
 Created fresh repository.
 From ...
  * [new ref]         refs/pipelines/66968 -> refs/pipelines/66968
  * [new branch]      master               -> origin/master
 Checking out f4922553 as master...
 Skipping Git submodules setup
Restoring cache 00:02
Downloading artifacts 00:02
 Downloading artifacts for build-jar (190250)...
 Downloading artifacts from coordinator... ok        id=190250 responseStatus=200 OK token=4ba3cKKg
Running before_script and script 00:01
 $ chmod +x gradlew
 ln: .m2: No such file or directory
 $ ln -s "$MAVEN_LOCAL" ".m2"
Running after_script 00:01
Uploading artifacts for failed job 00:02
 Uploading artifacts...
 WARNING: gl-sast-report.json: no matching files    
 ERROR: No files to upload                          
 ERROR: Job failed: exit code 1

Did you happen to find a solution to this? Several of my organization’s projects are being affected by this same issue.

Anyone got a solution to this? I’m just getting it setup on a repo and imported the template but it’s failing as the file doesn’t appear to be created.

the solution is to override the standard Gitlab pipeline and add “send reports” job cause it does not work in another way .gitlab-ci.yml · k33g-master-patch-62763 · 💚 make-ci-lovable / sandbox / hello · GitLab