This is an automated email from the ASF dual-hosted git repository. not-in-ldap pushed a commit to branch jjardon/dependency_scanning in repository https://gitbox.apache.org/repos/asf/buildstream.git
commit 0f0be8f5f06d6f2d021ac510db983a2120221e20 Author: Javier Jardón <[email protected]> AuthorDate: Tue Apr 24 01:14:19 2018 +0100 .gitlab-ci.yml: Add job to run Dependency Scanning --- .gitlab-ci.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a7a4629..22ada8c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -208,6 +208,24 @@ coverage: - tests-unix - source_dist +dependency_scanning: + image: docker:stable + variables: + DOCKER_DRIVER: overlay2 + allow_failure: true + services: + - docker:stable-dind + script: + - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/') + - docker run + --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}" + --volume "$PWD:/code" + --volume /var/run/docker.sock:/var/run/docker.sock + "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code + artifacts: + paths: [gl-dependency-scanning-report.json] + + # Deploy, only for merges which land on master branch. # pages:
