Merge branch 'remove-dind-from-ds-config' into 'master'

Enable Dependency Scanning for Python See merge request gitlab-org/gitlab!50409

Merge branch 'remove-dind-from-ds-config' into 'master'
Enable Dependency Scanning for Python See merge request gitlab-org/gitlab!50409
004cd454 · Albert Salim · dfb7e090 · 1c25b3e0 · 004cd454
Commit 004cd454 authored Jan 08, 2021 by Albert Salim
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

.gitlab/ci/reports.gitlab-ci.yml .gitlab/ci/reports.gitlab-ci.yml +6 -1

No files found.
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -119,7 +119,7 @@ dependency_scanning gemnasium:
    # git-lfs is needed for auto-remediation
    - apk add git-lfs
  after_script:
-    # Post-processing: This will be an after_script once this job will use the Dependency Scanning CI template
+    # Post-processing
    - apk add jq
    # Lower execa severity based on https://gitlab.com/gitlab-org/gitlab/-/issues/223859#note_452922390
    - jq '(.vulnerabilities[] | select (.cve == "yarn.lock:execa:gemnasium:05cfa2e8-2d0c-42c1-8894-638e2f12ff3d")).severity = "Medium"' gl-dependency-scanning-report.json > temp.json && mv temp.json gl-dependency-scanning-report.json
@@ -134,6 +134,11 @@ dependency_scanning retire-js:
  image:
    name: "$SECURE_ANALYZERS_PREFIX/retire.js:$DS_MAJOR_VERSION"
+dependency_scanning gemnasium-python:
+  extends: .dependency_scanning
+  image:
+    name: "$SECURE_ANALYZERS_PREFIX/gemnasium-python:$DS_MAJOR_VERSION"
 # Analyze dependencies for malicious behavior
 # See https://gitlab.com/gitlab-com/gl-security/security-research/package-hunter
 package_hunter: