diff options
author | Olivier Gonzalez <ogonzalez@gitlab.com> | 2018-04-10 12:59:22 +0000 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2018-04-10 12:59:22 +0000 |
commit | a3617fb8b9d20acb361d78f476e9ad2b4c9ae118 (patch) | |
tree | c535faf7c50b03bc9b17e9868e50a65c2b9df423 /.gitlab-ci.yml | |
parent | e4c8a84d7aa28112c4f9bf41390edf04675ebcef (diff) | |
download | gitlab-ce-a3617fb8b9d20acb361d78f476e9ad2b4c9ae118.tar.gz |
Update Security Products jobs definitions
Diffstat (limited to '.gitlab-ci.yml')
-rw-r--r-- | .gitlab-ci.yml | 42 |
1 files changed, 38 insertions, 4 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4659722854e..2249115e82a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -735,16 +735,50 @@ codequality: expire_in: 1 week sast: - <<: *except-docs - image: registry.gitlab.com/gitlab-org/gl-sast:latest + <<: *dedicated-no-docs-no-db-pull-cache-job + image: docker:stable variables: - CONFIDENCE_LEVEL: 2 + SAST_CONFIDENCE_LEVEL: 2 + DOCKER_DRIVER: overlay2 + allow_failure: true + tags: [] before_script: [] + cache: {} + dependencies: [] + services: + - docker:stable-dind script: - - /app/bin/run . + - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/') + - docker run + --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}" + --volume "$PWD:/code" + --volume /var/run/docker.sock:/var/run/docker.sock + "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code artifacts: paths: [gl-sast-report.json] +dependency_scanning: + <<: *dedicated-no-docs-no-db-pull-cache-job + image: docker:stable + variables: + DOCKER_DRIVER: overlay2 + allow_failure: true + tags: [] + before_script: [] + cache: {} + dependencies: [] + services: + - docker:stable-dind + script: + - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/') + - docker run + --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}" + --volume "$PWD:/code" + --volume /var/run/docker.sock:/var/run/docker.sock + "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code + artifacts: + paths: [gl-dependency-scanning-report.json] + qa:internal: <<: *dedicated-no-docs-no-db-pull-cache-job services: [] |