Commit 05f1164b authored by Olivier Gonzalez's avatar Olivier Gonzalez Committed by Nick Gaskill

Update offline docs

- Add link to ds instructions from main offline doc
- Add maven variable to ds instruction
parent b2501d91
...@@ -515,10 +515,12 @@ BUNDLER_AUDIT_ADVISORY_DB_URL: "gitlab.example.com/ruby-advisory-db.git" ...@@ -515,10 +515,12 @@ BUNDLER_AUDIT_ADVISORY_DB_URL: "gitlab.example.com/ruby-advisory-db.git"
#### Java (Maven) projects #### Java (Maven) projects
When using a self-signed certificates, add the following to the variables section of`.gitlab-ci.yml`: When using self-signed certificates, add the following job section to the `.gitlab-ci.yml`:
```yaml ```yaml
MAVEN_CLI_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"` gemnasium-maven-dependency_scanning:
variables:
MAVEN_CLI_OPTS: "-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"
``` ```
#### Java (Gradle) projects #### Java (Gradle) projects
...@@ -527,10 +529,9 @@ When using self-signed certificates, add the following job section to the `.gitl ...@@ -527,10 +529,9 @@ When using self-signed certificates, add the following job section to the `.gitl
```yaml ```yaml
gemnasium-maven-dependency_scanning: gemnasium-maven-dependency_scanning:
variables: before_script:
before_script: - echo -n | openssl s_client -connect maven-repo.example.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/internal.crt
- echo -n | openssl s_client -connect maven-repo.example.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/internal.crt - keytool -importcert -file /tmp/internal.crt -cacerts -storepass changeit -noprompt
- keytool -importcert -file /tmp/internal.crt -cacerts -storepass changeit -noprompt
``` ```
This adds the self-signed certificates of your maven repository to the Java Key Store of the analyzer's docker image. This adds the self-signed certificates of your maven repository to the Java Key Store of the analyzer's docker image.
...@@ -541,10 +542,9 @@ When using self-signed certificates, add the following job section to the `.gitl ...@@ -541,10 +542,9 @@ When using self-signed certificates, add the following job section to the `.gitl
```yaml ```yaml
gemnasium-maven-dependency_scanning: gemnasium-maven-dependency_scanning:
variables: before_script:
before_script: - echo -n | openssl s_client -connect maven-repo.example.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/internal.crt
- echo -n | openssl s_client -connect gitlab-airgap-test.us-west1-b.c.group-secure-a89fe7.internal:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/internal.crt - keytool -importcert -file /tmp/internal.crt -cacerts -storepass changeit -noprompt
- keytool -importcert -file /tmp/internal.crt -cacerts -storepass changeit -noprompt
``` ```
This adds the self-signed certificates of your maven repository to the Java Key Store of the analyzer's docker image. This adds the self-signed certificates of your maven repository to the Java Key Store of the analyzer's docker image.
......
...@@ -79,3 +79,4 @@ above. You can find more information at each of the pages below: ...@@ -79,3 +79,4 @@ above. You can find more information at each of the pages below:
- [SAST offline directions](../sast/index.md#running-sast-in-an-offline-environment) - [SAST offline directions](../sast/index.md#running-sast-in-an-offline-environment)
- [DAST offline directions](../dast/index.md#running-dast-in-an-offline-environment) - [DAST offline directions](../dast/index.md#running-dast-in-an-offline-environment)
- [License Compliance offline directions](../../compliance/license_compliance/index.md#running-license-compliance-in-an-offline-environment) - [License Compliance offline directions](../../compliance/license_compliance/index.md#running-license-compliance-in-an-offline-environment)
- [Dependency Scanning offline directions](../dependency_scanning/index.md#running-dependency-scanning-in-an-offline-environment)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment