GitLab SAST output not shown on pipeline Security tab #6898

Open
risedphantom opened this issue Dec 9, 2024 · 0 comments

Describe the issue
According to the latest GitLab SAST report schema, the field "category" is not even defined in "vulnerabilities" items, but is probably required (which is not obvious...)

Additional context
GitLab version >= 17.5
Checkov version <= 3.2.334

Temporary fix

```yaml
variables:
  CHECKOV_IMAGE: bridgecrew/checkov:latest

checkov:
  stage: test
  image: $CHECKOV_IMAGE
  interruptible: true
  variables:
    CHECKOV_FRAMEWORK: all
    CHECKOV_EXTRA_ARGS: ""
    CHECKOV_DIRECTORY: .
  script:
    - |
      # Write a helper that sets "category" on every vulnerability in the report
      cat << 'EOF' > transform-schema.py
      import json

      file_path = "checkov.json"

      with open(file_path, 'r') as file:
          data = json.load(file)

      if "vulnerabilities" in data and len(data["vulnerabilities"]) > 0:
          for vulnerability in data["vulnerabilities"]:
              vulnerability["category"] = "sast"

      with open(file_path, 'w') as file:
          json.dump(data, file, indent=2)
      EOF

      # Produce the gitlab_sast report, then patch it in place before upload
      checkov --soft-fail -d $CHECKOV_DIRECTORY --framework $CHECKOV_FRAMEWORK -o gitlab_sast $CHECKOV_EXTRA_ARGS | tee checkov.json
      python3 transform-schema.py
  artifacts:
    reports:
      sast: checkov.json
```
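Added example, not part of the original issue or of Checkov's code: a pre-upload check that lists which findings in a `gitlab_sast` report lack `category`, so that findings missing from the Security tab are caught in the job log, and that patches only those entries. The function names, the sample report and its ids are constructed for illustration; the file name `checkov.json` and the value `sast` come from the workaround above.

```python
import json
import sys


def missing_category(report):
    """Return ids (or "#<index>" when no id exists) of findings without 'category'."""
    findings = report.get("vulnerabilities")
    if not isinstance(findings, list):
        return []
    return [
        f.get("id", f"#{i}") if isinstance(f, dict) else f"#{i}"
        for i, f in enumerate(findings)
        if not (isinstance(f, dict) and f.get("category"))
    ]


def add_category(report, value="sast"):
    """Set 'category' only where it is absent; return the number of patched findings."""
    findings = report.get("vulnerabilities")
    if not isinstance(findings, list):
        return 0
    patched = 0
    for f in findings:
        if isinstance(f, dict) and not f.get("category"):
            f["category"] = value
            patched += 1
    return patched


# Constructed sample report: one complete finding, two without 'category'.
SAMPLE = {
    "vulnerabilities": [
        {"id": "finding-1", "name": "constructed A", "category": "sast"},
        {"id": "finding-2", "name": "constructed B"},
        {"name": "constructed C, no id"},
    ]
}

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "checkov.json"
    with open(path) as fh:
        data = json.load(fh)
    for ident in missing_category(data):
        print(f"finding without category: {ident}", file=sys.stderr)
    if add_category(data):
        with open(path, "w") as fh:
            json.dump(data, fh, indent=2)
```
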