We have a bitbucket repo which is mirrored to Gitlab. Now we want to enable SAST plugin for go (gosec): https://docs.gitlab.com/ee/user/application_security/sast/ Since the imports in the go code still point to bitbucket, when the analyser runs it tries to fetch package information using bitbucket APIs and fails with an error of 403 as it doesn't have the token to fetch the details. Any SOP around enabling this plugin for mirrored repos?
Asked
Active
Viewed 105 times
