Support sub-directories for License Compliance analysis

Problem to solve

Our License Compliance analysis only detects the type of project dependencies to analyze from the root folder. This causes limitation like e.g. when you are organizing your code by putting some dependency files into different subfolders. This is the case for our Gitaly project having Gemfile in a ruby subdirectory: https://gitlab.com/gitlab-org/gitaly/tree/master/ruby

Intended users

Persona: Software developer

Further details

Proposal

Accept LICENSE_FINDER_CLI_OPTS as an environment variable and forward it to the license finder executable here. https://gitlab.com/gitlab-org/security-products/license-management/merge_requests/77
Update documentation to provide examples on how to use the license-management job with project setup for sub-directories. !19177 (merged)

For this particular customer we can consider:

license_management:
  before_script:
    - cd ruby && bundle install
  variables: 
    - LICENSE_FINDER_CLI_OPTS: "--prepare --recursive"

Support sub-directories for License Compliance analysis

Problem to solve

Intended users

Further details

Proposal

Permissions and Security

Documentation

Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Links / references