gitlab-ultimate.yml 1.48 KB
Newer Older
1
2
include:
  - template: Dependency-Scanning.gitlab-ci.yml
3
  - template: SAST.gitlab-ci.yml
4
5
  - template: License-Management.gitlab-ci.yml

6
7
# --------------------------------------------------------------------------------

8
.ultimate-scanner-config:
9
  tags: ['docker-runner']
10
  needs: ['compile-and-unit-test']
11
12
  cache:
    paths:
13
      - $CI_PROJECT_DIR/.m2/repository
14

15
  variables:
16
    MAVEN_CLI_OPTS: "--batch-mode --settings=$CI_PROJECT_DIR/.mvn/community-maven.settings.xml -DskipTests=true"
17
    DS_DISABLE_DIND: "true"
18
    SAST_DISABLE_DIND: "true"
19

20
21
  # We need to make sure both directories exist, then we can copy files over
  # Since it is a separate volume, mv offers no advantages. tar | tar, plus rm, is the fastest execution
22
  before_script:
23
    - mkdir -p ~/.m2 $CI_PROJECT_DIR/.m2/repository
24
    - tar -cC $CI_PROJECT_DIR/.m2 repository | tar -xC ~/.m2
25
    - rm -rf $CI_PROJECT_DIR/.m2/repository
26

27
  # Copy the repository back to the cache area
28
  after_script:
29
    - tar -cC ~/.m2 repository | tar -xC $CI_PROJECT_DIR/.m2
30

31
# --------------------------------------------------------------------------------
32

33
dependency_scanning:
34
  stage: scan
35
  extends: .ultimate-scanner-config
36

37
sast:
38
  stage: scan
39
40
41
  extends: .ultimate-scanner-config

license_management:
42
  stage: scan
43
  extends: .ultimate-scanner-config
44
45
46
47

# --------------------------------------------------------------------------------

gemnasium-maven-dependency_scanning:
48
  stage: scan
49
  image: registry.gitlab.com/divido/gemnasium-maven:jdk-8