Add flag to allow uploading dependency scan result as artifact

Hey all,

As a part of GitLab <-> Rezilion integration, Rezilion would like to integrate with the dependency scan. For that, we will need the JSON scan result which is currently not available to retrieve by a third party (like Rezilion).

A possible fix for that: We could ask the user to set a parameter for the yml, for example:

COPY_DEPENDENCY_SCAN_RESULTS: true

Then, we’ll check if this flag exists. if it exists, we can do cp dependency_scanning.json dependency_scanning_local.json So, we’ll always upload dependency-scannign_copy.json as an artifact in the yml. if the variable won’t be declared, GitLab won’t find that file while trying to upload artifacts (because that file is only created if the variable exists), and thus it won’t contain 2 copies of the dependency scanning json.

Thank you!