ShiftLeftSecurity/sast-scan

scan does not create comment in the merge request.

avnsiva opened this issue · 2 comments

When trying to run a scan with the shift left test, it's not updating the merge request on gitlab.com or on a self-hosted GitLab CE edition.

The yaml used is:

```yaml
variables:
  GITHUB_TOKEN: $GITHUB_TOKEN
  GITLAB_TOKEN: $GITLAB_TOKEN
  SCAN_ANNOTATE_PR: "true"

scan:
  stage: test
  image:
    name: quay.io/shiftleft/scan-oss:latest
  script:
    - scan --src ${CI_PROJECT_DIR} --type depscan --out_dir ${CI_PROJECT_DIR}/reports
  rules:
    - when: always
  artifacts:
    name: "$CI_JOB_NAME-$CI_COMMIT_REF_NAME"
    paths:
      - $CI_PROJECT_DIR/reports/
    when: always
```

The results look like:

```
[15:13:28] INFO Baseline file written to /builds/siva.ah/spring-boot-rest-example/reports/.sastscan.baseline
Security Scan Summary
╔════════════════════════╤══════════╤══════╤════════╤═════╤════════╗
║ Tool                   │ Critical │ High │ Medium │ Low │ Status ║
╟────────────────────────┼──────────┼──────┼────────┼─────┼────────╢
║ Dependency Scan (java) │ 30       │ 50   │ 24     │ 7   │ ❌     ║
╚════════════════════════╧══════════╧══════╧════════╧═════╧════════╝
Uploading artifacts for failed job
Uploading artifacts...
/builds/siva.ah/spring-boot-rest-example/reports/: found 7 matching files and directories
Uploading artifacts as "archive" to coordinator... ok id=1958602230 responseStatus=201 Created token=gVeUsj1y
Cleaning up project directory and file based variables
ERROR: Job failed: exit code 1
```

Am I getting something wrong here?
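An added diagnostic to run in the job before `scan`, not part of this issue or of sast-scan: it checks whether the GitLab CI job even has the context a merge request comment needs (a merge request pipeline with `CI_MERGE_REQUEST_IID`, the project id and API URL, and a non-empty `GITLAB_TOKEN`). The variable names are GitLab's predefined CI variables plus the two from the YAML above; treating these as the preconditions for annotation is an assumption of the example, not documentation of how scan-oss decides to annotate.

```shell
# Added example (assumption: a merge request comment needs a target MR and a
# token). The GitLab predefined variables below are only set in merge request
# pipelines; a job selected by `rules: - when: always` also runs in plain
# branch pipelines, where no merge request exists to comment on.

# Returns 0 when the job could annotate a merge request, 1 otherwise, and
# prints one line per missing precondition (the token value is never printed).
mr_annotate_preflight() {
    rc=0
    if [ "${CI_PIPELINE_SOURCE:-}" != "merge_request_event" ]; then
        echo "not a merge request pipeline (CI_PIPELINE_SOURCE=${CI_PIPELINE_SOURCE:-unset})"
        rc=1
    fi
    if [ -z "${CI_MERGE_REQUEST_IID:-}" ]; then
        echo "CI_MERGE_REQUEST_IID is unset: no target merge request"
        rc=1
    fi
    if [ -z "${CI_PROJECT_ID:-}" ] || [ -z "${CI_API_V4_URL:-}" ]; then
        echo "CI_PROJECT_ID / CI_API_V4_URL unset: cannot address the project API"
        rc=1
    fi
    if [ -z "${GITLAB_TOKEN:-}" ]; then
        echo "GITLAB_TOKEN is empty: the job has no credential to post a note"
        rc=1
    fi
    if [ "${SCAN_ANNOTATE_PR:-}" != "true" ]; then
        echo "SCAN_ANNOTATE_PR is not \"true\": annotation is not requested"
        rc=1
    fi
    return "$rc"
}

# The merge request notes endpoint the job would address, for the job log.
mr_notes_url() {
    echo "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/merge_requests/${CI_MERGE_REQUEST_IID}/notes"
}

# Usage inside the job's script block, before the scan call:
#   mr_annotate_preflight || echo "annotation preconditions missing, scan will still run"
```

Running it in the job log separates "the tool did not comment" from "the job never ran in a context where a comment was possible".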

@avnsiva Is this issue resolved?