Add Dependency Scanning support to Scan Execution Policies
Why are we doing this work
We want users to be able to require Dependency Scanning to run as part of a GitLab Scan Execution Security Policy.
Similar to the existing SAST scan action, the Dependency Scanning scan action will execute the Jobs/Dependency-Scanning template in a child pipeline.
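As an added illustration (not part of this issue or of the GitLab code base), here is what a scan execution policy could look like once the new action exists. The policy name, description and the `main` branch filter are assumed values; `scan: dependency_scanning` is the action identifier this issue introduces:

```yaml
# Constructed example policy for illustration; not taken from the issue.
# Policy name, description and the branch filter are assumed values.
scan_execution_policy:
  - name: Enforce Dependency Scanning on main
    description: Run Dependency Scanning on every pipeline for the default branch
    enabled: true
    rules:
      # Match pipelines run for the listed branches (assumed filter).
      - type: pipeline
        branches:
          - main
    actions:
      # The new action: executes the Jobs/Dependency-Scanning template in a
      # child pipeline, the same way the existing `sast` action runs SAST.
      - scan: dependency_scanning
```

Because the policy lives in the security policy project rather than in the scanned project's own `.gitlab-ci.yml`, the scan is enforced for every linked project and cannot be removed by editing the project pipeline, which is the property that makes a policy-driven scan stronger than an opt-in template include.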
Relevant links
Non-functional requirements
- Documentation: "Scan execution policies" is updated to reflect the newly introduced `dependency_scanning` scan action
- Feature flag: -
- Performance: -
- Testing:
Implementation plan
- backend: Refer to the `dependency-scanning-security-policy-support` branch for a PoC. The implementation will differ slightly once !100173 (merged) is merged.