Allow customization of License Management image on the fly
Problem to solve
Follow up of our discussion on slack (https://gitlab.slack.com/archives/C3JJET4Q6/p1536130543000100), where it appears the job licence_management fails because of missing dependencies.
Further details
It's nearly impossible to cover all languages, frameworks, and cases with a single image. We should allow the user to extend our image to fulfill their needs. A very simple way is to update the job definition, looking for specific Dockerfile, and build a new image with it.
Note that we don't have to necessary update the job definition (reminder: breaking change). We can just update the online doc to suggest that edit in case the customization is needed.
Proposal
Suggest updating the job definition to
license_management:
image: docker:stable
stage: test
variables:
DOCKER_DRIVER: overlay2
allow_failure: true
services:
- docker:stable-dind
script:
- export LICENSE_MANAGEMENT_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
- [ -f .gl-licence-management-dockerfile ] && docker build --build-arg LICENSE_MANAGEMENT_VERSION=$LICENSE_MANAGEMENT_VERSION -t registry.gitlab.com/gitlab-org/security-products/license-management:$LICENSE_MANAGEMENT_VERSION .
- docker run
--volume "$PWD:/code"
"registry.gitlab.com/gitlab-org/security-products/license-management:$LICENSE_MANAGEMENT_VERSION" analyze /code
artifacts:
paths: [gl-license-management-report.json]What does success look like, and how can we measure that?
Users can install their dependencies in our image, and the licence_management job is succeeding.
https://gitlab.com/gitlab-org/gitlab-ce/-/jobs/94960510 is not failing anymore, with a .gl-licence-management-dockerfile like:
ARG LICENSE_MANAGEMENT_VERSION=latest
FROM registry.gitlab.com/gitlab-org/security-products/license-management:$LICENSE_MANAGEMENT_VERSION
RUN apt-get update && apt-get install libicu-dev && rm -rf /var/lib/apt/lists/*Links / references
/cc @bikebilly