Gemnasium release pipeline fails because dependency scanning reports cannot be fetched
Summary
When the QA jobs attempt to fetch the generated DS reports, they are unable to find the
reports, and as a result fail. The failures are blocking any new releases from deploying
for gemnasium
, gemnasium-maven
, and gemnasium-python
.
Steps to reproduce
Run a pipeline on any of the gitlab-org/security-products/tests
.
Example Project
What is the current bug behavior?
No reports are found.
What is the expected correct behavior?
The previously generated reports are found and used in the comparison.
Relevant logs and/or screenshots
See these job logs.
Possible fixes
* Set the DS_SCHEMA_MODEL to version 15
- Update the GitLab monolith so that it supports security report schema version 15.0.7.
Edited by Oscar Tovar