Bump Code Quality CI/CD Job

Since Rubocop was introduced pipelines succeeded with warnings, as
Rubocop was newer than the quality checks that ran.

This commit replaces the sample with the one listed in the docs:
https://docs.gitlab.com/ee/ci/examples/code_quality.html

The biggest change is the fact that this does now run a version of these
checks based on CI_SERVER_VERSION. This might break our pipeline, or
create new offences at a moments notice. Given `allow_failure` is still
set to true, this could be alright and saves maintainence time.

1 files changed, 13 insertions, 9 deletions

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 0017a04c4..fc3b9c00c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -120,18 +120,22 @@ cover:
       - _build/cover/all.html
     expire_in: 1 week
 
-# Create a code quality report
-codequality:
-  image: docker:latest
-  stage: test
+code_quality:
+  image: docker:stable
+  variables:
+    DOCKER_DRIVER: overlay2
+  allow_failure: true
   services:
-    - docker:dind
+    - docker:stable-dind
   script:
-    - docker run --env CODECLIMATE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock --volume /tmp/cc:/tmp/cc dev.gitlab.org:5005/gitlab/gitlab-build-images:gitlab-codeclimate analyze -f json > codeclimate.json
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SOURCE_CODE="$PWD"
+        --volume "$PWD":/code
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
   artifacts:
-    paths: [codeclimate.json]
-    expire_in: 1 week
-  allow_failure: true
+    paths: [gl-code-quality-report.json]
 
 .build_image: &build_image
   stage: publish