Add Dependency Scanning

author: Thomas Woodham <twoodham@gitlab.com> 2022-01-13 07:13:05 +0300
committer: Evan Read <eread@gitlab.com> 2022-01-13 07:13:05 +0300
commit: 84ec5741d592bf61f3987e56fcf9b23eb3dce9c3 (patch)
tree: 9d81eee86eac421d88724fb118105ef12ee6738a /.gitlab-ci.yml
parent: 1b5ad22abca0e6e73de90bef0cbcef87af833ce1 (diff)
1 files changed, 35 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f1509bc0..669324e1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,6 +1,7 @@
 include:
   - project: gitlab-org/frontend/untamper-my-lockfile
     file: .gitlab-ci-template.yml
+  - template: Security/Dependency-Scanning.gitlab-ci.yml
 
 default:
   image: registry.gitlab.com/gitlab-org/gitlab-docs:base
@@ -686,3 +687,37 @@ image:docs-latest:
   script:
     - docker build --build-arg NANOC_ENV=${NANOC_ENV} --build-arg CI_COMMIT_REF_NAME=${CI_COMMIT_REF_NAME} -t $IMAGE_NAME -f $DOCKERFILE .
     - docker push $IMAGE_NAME
+
+#
+# Override Dependency scanning defaults to ensure it works in this pipeline
+#
+
+.dependency-scanning-overrides:
+  dependencies: []
+  needs: []
+  before_script: []
+
+gemnasium-dependency_scanning:
+  extends:
+    - .ds-analyzer
+    - .dependency-scanning-overrides
+
+gemnasium-maven-dependency_scanning:
+  extends:
+    - .ds-analyzer
+    - .dependency-scanning-overrides
+
+gemnasium-python-dependency_scanning:
+  extends:
+    - .ds-analyzer
+    - .dependency-scanning-overrides
+
+bundler-audit-dependency_scanning:
+  extends:
+    - .ds-analyzer
+    - .dependency-scanning-overrides
+
+retire-js-dependency_scanning:
+  extends:
+    - .ds-analyzer
+    - .dependency-scanning-overrides
author	Thomas Woodham <twoodham@gitlab.com>	2022-01-13 07:13:05 +0300
committer	Evan Read <eread@gitlab.com>	2022-01-13 07:13:05 +0300
commit	84ec5741d592bf61f3987e56fcf9b23eb3dce9c3 (patch)
tree	9d81eee86eac421d88724fb118105ef12ee6738a /.gitlab-ci.yml
parent	1b5ad22abca0e6e73de90bef0cbcef87af833ce1 (diff)