Create Android Dependency Scanning CI Component
Motivation
We want to push for CI Components in Composition Analysis, and we want to provide Android scanning support. This issue would capture both of those items.
The component will exist in its own repository. Users will be able to add it to their pipelines by adding an include
statement to their .gitlab-ci.yml
file. It will run Gemnasium-maven with experimental Gradle upgrade enabled to scan Gradle (Android) projects. The flow and output will match that of Gemnasium-maven.
Potential Steps
- Create a basic CI Component running Gemnasium-maven with experimental Gradle upgrade enabled.
- To work around SDK issue, consider adding SDK to image as part of the Component.
Concrete Steps
-
Create a project for an Android Dependency Scanning component -
Create a component that runs Gemnasium-maven with experimental Gradle upgrade enabled -
Add a .gitlab-ci.yml
file that verifies that including the component indeed adds the expected job
Edited by Yasha Rise