Dependency Scanning: Simplify Poetry workaround

Review changes
Download
Patches
Plain diff

Katrin Leinweber requested to merge docs-simpler-scan-non-supported-dependency-files into master Aug 04, 2021

Overview 3
Commits 1
Pipelines 1
Changes 1

What does this MR do?

Follows up on !47940 (merged) & victor-engmark/gitlab!1 (closed) to simplify our workaround to missing Poetry support. Prepared by @victor-engmark, I just rebased.

Things to consider: Does this simplification remove any relevant details for other packaging systems? After all, that trouble-shooting section should be generalisable, with Poetry being just a popular example for the whole approach.

How to setup and validate locally

Example below:

Start with a Python project
Enable dependency scanning
Add the new code to .gitlab-ci.yml
Verify that the gemnasium-python-dependency_scanning job runs successfully.

Related issues

#7006 (comment 640545230)

Author's checklist

Follow the Documentation Guidelines and Style Guide.
[-] Ensure that the product tier badge is added to doc's h1.
Request a review based on the documentation page's metadata and associated Technical Writer.

To avoid having this MR be added to code verification QA issues, don't add these labels: feature, frontend, backend, ~"bug", or database

Review checklist

Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on Documentation Guidelines and the Style Guide.

If the content requires it, ensure the information is reviewed by a subject matter expert.
Technical writer review items:
- Ensure docs metadata is present and up-to-date.
- Ensure the appropriate labels are added to this MR.
- If relevant to this MR, ensure content topic type principles are in use, including:
  - The headings should be something you'd do a Google search for. Instead of Default behavior, say something like Default behavior when you close an issue.
  - The headings (other than the page title) should be active. Instead of Configuring GDK, say something like Configure GDK.
  - Any task steps should be written as a numbered list.
  - If the content still needs to be edited for topic types, you can create a follow-up issue with the docs-technical-debt label.
Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
Ensure a release milestone is set.

Edited Aug 05, 2021 by Katrin Leinweber

Merge request reports

Assignee

Reviewers

Request review from

Time tracking