I am trying to perform SAST testing from my git pipeline. Here is a portion of my gitlab-ci.yml file:
image: my-image-localtion
variables:
MAVEN_CLI_OPTS: "--batch-mode"
MAVEN_OPTS: "-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"
include:
- template: Security/SAST.gitlab-ci.yml**
stages:
- test
- build
- deploy
(more stuff..)
The “include” and "stages portions are the lines I added to perform the SAST during the pipeline execution. The pipeline has been running fine for a long time (against the build and deploy stages ). The test is obviously what I have just added for SAST.
Our gitlab server has the SAST plugin. I read that the above is all I need to add to the gitlab-ci.yml file for my project in order to execute SAST scanning. However, when you look at the execution of the pipeline, the job output says “pending” then:
This job is stuck because the project doesn't have any runners online assigned to it.
My understanding is that this job should automatically be assigned a default runner from gitlab, but clearly that’s not happening. Another team using the SAST scanning from this same gitlab server and (they say) it does not need to explicitly add a runner to the job for the SAST testing, and their gitlab-ci.yml for this is identical to what I added.
Grateful for any suggestions. thank you