Dependency Scanning fails on Java-based project with Maven
Summary
Dependency scanning is failing on a Java-based project using Maven with no clear error message.
Steps to reproduce
Support has not yet been able to replicate this using this test project. A job trace and .gitlab-ci.yml
for the customer can be found in an internal note in the Zendesk ticket listed at the bottom of this issue's description.
What is the current bug behavior?
Dependency scanning fails with: (stack trace in ticket)
Status: Downloaded newer image for registry.gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven:2
Uploading artifacts...
WARNING: gl-dependency-scanning-report.json: no matching files
ERROR: No files to upload
ERROR: Job failed: exit code 1
What is the expected correct behavior?
Dependency scanning should pass when run on a project using a supported code base.
Output of checks
This bug happens on GitLab.com
ZD: https://gitlab.zendesk.com/agent/tickets/137586 (GitLab Internal)
Edited by Nicole Schwartz