gitlab-ultimate.yml 1.44 KB
Newer Older
1
2
include:
  - template: Dependency-Scanning.gitlab-ci.yml
3
  - template: SAST.gitlab-ci.yml
4
5
  - template: License-Management.gitlab-ci.yml

6
7
# --------------------------------------------------------------------------------

8
.ultimate-scanner-config:
9
  stage: scan
10
  tags: ['docker-runner']
11
  needs: ['compile-and-unit-test']
12
13
  cache:
    paths:
14
      - $CI_PROJECT_DIR/.m2/repository
15

16
  variables:
17
    MAVEN_CLI_OPTS: "--batch-mode --settings=$CI_PROJECT_DIR/.mvn/community-maven.settings.xml -DskipTests=true"
18
    DS_DISABLE_DIND: "true"
19
    SAST_DISABLE_DIND: "true"
20

21
22
  # We need to make sure both directories exist, then we can copy files over
  # Since it is a separate volume, mv offers no advantages. tar | tar, plus rm, is the fastest execution
23
  before_script:
24
    - mkdir -p ~/.m2 $CI_PROJECT_DIR/.m2/repository
25
    - tar -cC $CI_PROJECT_DIR/.m2 repository | tar -xC ~/.m2
26
    - rm -rf $CI_PROJECT_DIR/.m2/repository
27

28
  # Copy the repository back to the cache area
29
  after_script:
30
    - tar -cC ~/.m2 repository | tar -xC $CI_PROJECT_DIR/.m2
31

32
# --------------------------------------------------------------------------------
33

34
35
dependency_scanning:
  extends: .ultimate-scanner-config
36

37
38
39
40
41
sast:
  extends: .ultimate-scanner-config

license_management:
  extends: .ultimate-scanner-config
42
43
44
45
46

# --------------------------------------------------------------------------------

gemnasium-maven-dependency_scanning:
  image: registry.gitlab.com/divido/gemnasium-maven:jdk-8