2020-07-28 23:09:34 +05:30
|
|
|
|
{
|
|
|
|
|
|
"global": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "SECURE_ANALYZERS_PREFIX",
|
|
|
|
|
|
"label" : "Image prefix",
|
|
|
|
|
|
"type": "string",
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"default_value": "",
|
|
|
|
|
|
"value": "",
|
2021-01-03 14:25:43 +05:30
|
|
|
|
"size": "LARGE",
|
|
|
|
|
|
"description": "Analyzer image's registry prefix (or name of the registry providing the analyzers' image)"
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "SAST_EXCLUDED_PATHS",
|
|
|
|
|
|
"label" : "Excluded Paths",
|
|
|
|
|
|
"type": "string",
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"default_value": "",
|
|
|
|
|
|
"value": "",
|
2021-01-03 14:25:43 +05:30
|
|
|
|
"size": "MEDIUM",
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"description": "Comma-separated list of paths to be excluded from analyzer output. Patterns can be globs, file paths, or folder paths."
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"field" : "SAST_ANALYZER_IMAGE_TAG",
|
2020-07-28 23:09:34 +05:30
|
|
|
|
"label" : "Image tag",
|
|
|
|
|
|
"type": "string",
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"default_value": "",
|
|
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "SMALL",
|
|
|
|
|
|
"description": "Analyzer image's tag"
|
2020-07-28 23:09:34 +05:30
|
|
|
|
}
|
|
|
|
|
|
],
|
|
|
|
|
|
"pipeline": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "stage",
|
|
|
|
|
|
"label" : "Stage",
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"type": "string",
|
|
|
|
|
|
"default_value": "",
|
|
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "MEDIUM",
|
|
|
|
|
|
"description": "Pipeline stage in which the scan jobs run"
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"field" : "SEARCH_MAX_DEPTH",
|
|
|
|
|
|
"label" : "Search maximum depth",
|
|
|
|
|
|
"type": "string",
|
2020-07-28 23:09:34 +05:30
|
|
|
|
"default_value": "",
|
2020-10-24 23:57:45 +05:30
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "SMALL",
|
|
|
|
|
|
"description": "Maximum depth of language and framework detection"
|
2020-07-28 23:09:34 +05:30
|
|
|
|
}
|
|
|
|
|
|
],
|
|
|
|
|
|
"analyzers": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "brakeman",
|
|
|
|
|
|
"label": "Brakeman",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Ruby on Rails",
|
|
|
|
|
|
"variables": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "SAST_BRAKEMAN_LEVEL",
|
|
|
|
|
|
"label" : "Brakeman confidence level.",
|
|
|
|
|
|
"type": "string",
|
|
|
|
|
|
"default_value": "1",
|
|
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "SMALL",
|
|
|
|
|
|
"description": "Ignore Brakeman vulnerabilities under given confidence level. Integer, 1=Low, 2=Medium, 3=High."
|
|
|
|
|
|
}
|
|
|
|
|
|
]
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "bandit",
|
|
|
|
|
|
"label": "Bandit",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Python",
|
|
|
|
|
|
"variables": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "SAST_BANDIT_EXCLUDED_PATHS",
|
|
|
|
|
|
"label" : "Paths to exclude from scan.",
|
|
|
|
|
|
"type": "string",
|
|
|
|
|
|
"default_value": "",
|
|
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "SMALL",
|
|
|
|
|
|
"description": "Comma-separated list of paths to exclude from scan. Uses Python’s 'fnmatch' syntax; For example: '*/tests/*, */venv/*'"
|
|
|
|
|
|
}
|
|
|
|
|
|
]
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "eslint",
|
|
|
|
|
|
"label": "ESLint",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "JavaScript, TypeScript, React",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "flawfinder",
|
|
|
|
|
|
"label": "Flawfinder",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "C, C++",
|
|
|
|
|
|
"variables": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "SAST_FLAWFINDER_LEVEL",
|
|
|
|
|
|
"label" : "Flawfinder risk level",
|
|
|
|
|
|
"type": "string",
|
|
|
|
|
|
"default_value": "1",
|
|
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "SMALL",
|
|
|
|
|
|
"description": "Ignore Flawfinder vulnerabilities under given risk level. Integer, 0=No risk, 5=High risk."
|
|
|
|
|
|
}
|
|
|
|
|
|
]
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "kubesec",
|
|
|
|
|
|
"label": "kubesec",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Kubernetes manifests, Helm Charts",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"name": "nodejs-scan",
|
2020-07-28 23:09:34 +05:30
|
|
|
|
"label": "Node.js Scan",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Node.js",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "gosec",
|
|
|
|
|
|
"label": "Golang Security Checker",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Go",
|
|
|
|
|
|
"variables": [
|
|
|
|
|
|
{
|
|
|
|
|
|
"field" : "SAST_GOSEC_LEVEL",
|
|
|
|
|
|
"label" : "Gosec confidence level",
|
|
|
|
|
|
"type": "string",
|
|
|
|
|
|
"default_value": "0",
|
|
|
|
|
|
"value": "",
|
|
|
|
|
|
"size": "SMALL",
|
|
|
|
|
|
"description": "Ignore Gosec vulnerabilities under given confidence level. Integer, 0=Undefined, 1=Low, 2=Medium, 3=High."
|
|
|
|
|
|
}
|
|
|
|
|
|
]
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "phpcs-security-audit",
|
|
|
|
|
|
"label": "PHP Security Audit",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "PHP",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "pmd-apex",
|
|
|
|
|
|
"label": "PMD APEX",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Apex (Salesforce)",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "security-code-scan",
|
|
|
|
|
|
"label": "Security Code Scan",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": ".NET Core, .NET Framework",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "sobelow",
|
|
|
|
|
|
"label": "Sobelow",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Elixir (Phoenix)",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"name": "spotbugs",
|
|
|
|
|
|
"label": "Spotbugs",
|
2020-11-24 15:15:51 +05:30
|
|
|
|
"enabled" : true,
|
|
|
|
|
|
"description": "Groovy, Java, Scala",
|
|
|
|
|
|
"variables": []
|
2020-07-28 23:09:34 +05:30
|
|
|
|
}
|
|
|
|
|
|
]
|
|
|
|
|
|
}
|
