author: GitLab Bot <gitlab-bot@gitlab.com> 2020-04-08 21:09:50 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-04-08 21:09:50 +0000
commit: 76358aee81a471a5e71eaf3e8c2d91b7c9a0a5a9
tree: df9ba3dcc09eb404de31e0d79cb8f0b77812e655 /doc/user/compliance/license_compliance
parent: 80e9fdc9682cfbcfb9202a2733605a6a6bd23f05
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/compliance/license_compliance')
-rw-r--r-- doc/user/compliance/license_compliance/index.md | 33
1 files changed, 33 insertions, 0 deletions
diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md
index 96b051c1673..485e9d8213d 100644
--- a/doc/user/compliance/license_compliance/index.md
+++ b/doc/user/compliance/license_compliance/index.md
@@ -121,6 +121,8 @@ License Compliance can be configured using environment variables.
| `LM_JAVA_VERSION` | no | Version of Java. If set to `11`, Maven and Gradle use Java 11 instead of Java 8. |
| `LM_PYTHON_VERSION` | no | Version of Python. If set to `3`, dependencies are installed using Python 3 instead of Python 2.7. |
| `SETUP_CMD` | no | Custom setup for the dependency installation. (experimental) |
+| `PIP_INDEX_URL` | no | Base URL of Python Package Index (default: `https://pypi.org/simple/`). |
+| `ADDITIONAL_CA_CERT_BUNDLE` | no | Bundle of trusted CA certificates (currently supported in Python projects). |
### Installing custom dependencies
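Review bot: The `ADDITIONAL_CA_CERT_BUNDLE` row does not say what the variable must contain: the PEM text of the certificates, or a path to a bundle file inside the job container. State the expected format in the description cell. Because the row limits support to Python projects, it would also help to link it to the "Custom root certificates for Python" section added further down, so readers of the table find the usage notes.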
@@ -215,6 +217,37 @@ license_scanning:
LM_PYTHON_VERSION: 2
```
+### Custom root certificates for Python
+
+You can supply a custom root certificate to complete TLS verification by using the
+`ADDITIONAL_CA_CERT_BUNDLE` [environment variable](#available-variables).
+
+To bypass TLS verification, you can use a custom [`pip.conf`](https://pip.pypa.io/en/stable/user_guide/#config-file)
+file to configure trusted hosts.
+
+The following `gitlab-ci.yml` file uses a [`before_script`](../../../ci/yaml/README.md#before_script-and-after_script)
+to inject a custom [`pip.conf`](https://pip.pypa.io/en/stable/user_guide/#config-file):
+
+```yaml
+include:
+ - template: License-Scanning.gitlab-ci.yml
+
+license_scanning:
+ variables:
+ PIP_INDEX_URL: 'https://pypi.example.com/simple/'
+ before_script:
+ - mkdir -p ~/.config/pip/
+ - cp pip.conf ~/.config/pip/pip.conf
+```
+
+The [`pip.conf`](https://pip.pypa.io/en/stable/reference/pip/) allows you to specify a list of
+[trusted hosts](https://pip.pypa.io/en/stable/reference/pip/#cmdoption-trusted-host):
+
+```text
+[global]
+trusted-host = pypi.example.com
+```
+
### Migration from `license_management` to `license_scanning`
In GitLab 12.8 a new name for `license_management` job was introduced. This change was made to improve clarity around the purpose of the scan, which is to scan and collect the types of licenses present in a projects dependencies.
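Review bot: The new section is titled "Custom root certificates for Python", but after its first sentence everything in it (the `before_script`, the `cp pip.conf` step, the `trusted-host` block) documents bypassing TLS verification, and there is no example of setting `ADDITIONAL_CA_CERT_BUNDLE`. Add a `variables:` example for the CA bundle and present it as the preferred route, then introduce the `trusted-host` material with a sentence saying that pip does not validate the certificate for that host, so packages from `pypi.example.com` are fetched without authenticating the server. Smaller points: `gitlab-ci.yml` should read `.gitlab-ci.yml`; `cp pip.conf ~/.config/pip/pip.conf` assumes a `pip.conf` committed at the repository root, which the text should state; and the last `pip.conf` link points to `reference/pip/` while the two earlier ones point to `user_guide/#config-file`.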