我想在CI的后续阶段中使用从SAST阶段生成的工件。我的项目有2种不同的文件类型,.py和.js
stages:
- test
- upload
include:
- template: Security/SAST.gitlab-ci.yml
sast:
stage: test
allow_failure: true
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
bandit-sast:
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
eslint-sast:
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
send-reports:
stage: upload
rules:
- if: $CI_COMMIT_BRANCH == "master"
- if: $CI_MERGE_REQUEST_IID
artifacts:
paths: [gl-sast-report.json]
reports:
sast: gl-sast-report.json
script: |
ls
cat gl-sast-report.json
针对强盗和eslint阶段均生成报告,但是对于send报告阶段,仅显示eslint报告。关于如何使用下一个阶段的两个报告的任何想法? 这是来自gitlab运行程序的消息,它仅显示eslint报告。当我删除js文件时,显示的是强盗报告。
Downloading artifacts
00:01
Downloading artifacts for bandit-sast (833806353)...
Downloading artifacts from coordinator... ok id=833806353 responseStatus=200 OK token=m4wuayAs
Downloading artifacts for eslint-sast (833806354)...
Downloading artifacts from coordinator... ok id=833806354 responseStatus=200 OK token=skGyM8bW
我尝试将bandit sast路径和报告的名称更改为bandit-report.json,但这导致作业在上传工件步骤上失败,没有找到匹配的文件。
Uploading artifacts for successful job
00:01
Uploading artifacts...
WARNING: bandit-report.json: no matching files
ERROR: No files to upload