Diffstat (limited to '.gitlab/ci/reports.gitlab-ci.yml')
-rw-r--r-- | .gitlab/ci/reports.gitlab-ci.yml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml
index b581cf83d56..33efc3c4788 100644
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -9,6 +9,7 @@ code_quality:
 extends:
 - .default-retry
 - .use-docker-in-docker
+ stage: lint
 artifacts:
 paths:
 - gl-code-quality-report.json # GitLab-specific
@@ -20,6 +21,7 @@ code_quality:
 extends:
 - .default-retry
 - sast
+ stage: lint
 needs: []
 artifacts:
 paths:
@@ -54,6 +56,7 @@ gosec-sast:
 .secret-analyzer:
 extends: .default-retry
+ stage: lint
 needs: []
 artifacts:
 paths:
@@ -68,6 +71,7 @@ secret_detection:
 extends:
 - .default-retry
 - dependency_scanning
+ stage: lint
 needs: []
 variables:
 DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports, spec, ee/spec, tmp" # GitLab-specific
@@ -92,6 +96,13 @@ retire-js-dependency_scanning:
 gemnasium-python-dependency_scanning:
 rules: !reference [".reports:rules:gemnasium-python-dependency_scanning", rules]
+yarn-audit-dependency_scanning:
+ extends: .ds-analyzer
+ image: "registry.gitlab.com/gitlab-org/security-products/analyzers/npm-audit:1.4.0"
+ variables:
+ TOOL: yarn
+ rules: !reference [".reports:rules:yarn-audit-dependency_scanning", rules]
+
 # Analyze dependencies for malicious behavior
 # See https://gitlab.com/gitlab-com/gl-security/security-research/package-hunter
 .package_hunter-base:
@@ -134,6 +145,7 @@ package_hunter-bundler:
 license_scanning:
 extends: .default-retry
+ stage: lint
 needs: []
 artifacts:
 expire_in: 1 week # GitLab-specific |
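Review bot: The new `yarn-audit-dependency_scanning` job pulls its analyzer by a mutable tag, `npm-audit:1.4.0`, so the image that runs against the repository can change without any change to this file. Pinning it by digest, e.g. `image: "registry.gitlab.com/gitlab-org/security-products/analyzers/npm-audit:1.4.0@sha256:<digest-of-reviewed-image>"` (placeholder digest), keeps the scanner reproducible and reviewable. The `rules` line references `.reports:rules:yarn-audit-dependency_scanning`, which this diff (limited to one file) does not define; it has to exist in the included rules file or the `!reference` will not resolve. A short comment above the job, such as `# yarn audit, run through the npm-audit analyzer image (TOOL: yarn)`, would explain why a yarn job uses an image named npm-audit, assuming that is what `TOOL` selects.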