Skip to content

Rename gemnasium-db variables

Fabien Catteau requested to merge 14630-rename-gemnasium-db-vars into 14630-use-gemnasium-db

What does this MR do?

Rename the variables related to gemnasium-db, change GEMNASIUM_REPO prefix with GEMNASIUM_DB. Also, expose the environment variables available as Docker build arguments, to be set when building the image.

See !25 (diffs, comment 234291084) for motivations.

Testing

Without build arguments:

$ docker build -t gemnasium:14630 .

$ docker run -ti --rm gemnasium:14630 /bin/ash
/ # set|grep GEMNASIUM_DB
GEMNASIUM_DB_LOCAL_PATH='/gemnasium-db'
GEMNASIUM_DB_REF_NAME='master'
GEMNASIUM_DB_REMOTE_URL='https://gitlab.com/gitlab-org/security-products/gemnasium-db.git'

$ docker run -ti --rm --env DS_EXCLUDED_PATHS='*.excluded' \
  --volume $PWD/test/fixtures:/tmp/app \
  --env CI_PROJECT_DIR=/tmp/app gemnasium:14630
Found project in /tmp/app/clean
From https://gitlab.com/gitlab-org/security-products/gemnasium-db
 * branch              master     -> FETCH_HEAD

$ diff -u test/expect/gl-dependency-scanning-report.json \
  test/fixtures/gl-dependency-scanning-report.json

(no diff)

With build arguments:

$ docker build \
  --build-arg GEMNASIUM_DB_LOCAL_PATH=/vuln-db \
  --build-arg GEMNASIUM_DB_REMOTE_URL=https://gitlab.com/fcatteau/gemnasium-db.git \
  --build-arg GEMNASIUM_DB_REF_NAME=check-uuid \
  -t gemnasium:14630-fcatteau .

$ docker run -ti --rm gemnasium:14630-fcatteau /bin/ash
/ # set|grep GEMNASIUM_DB
GEMNASIUM_DB_LOCAL_PATH='/vuln-db'
GEMNASIUM_DB_REF_NAME='check-uuid'
GEMNASIUM_DB_REMOTE_URL='https://gitlab.com/fcatteau/gemnasium-db.git'

$ docker run -ti --rm --env DS_EXCLUDED_PATHS='*.excluded' \
  --volume $PWD/test/fixtures:/tmp/app \
  --env CI_PROJECT_DIR=/tmp/app gemnasium:14630-fcatteau
Found project in /tmp/app/clean
From https://gitlab.com/fcatteau/gemnasium-db
 * branch              check-uuid -> FETCH_HEAD
HEAD is now at 294cc056 Add job to check that UUID has been set
2019/10/24 07:30:19 auto-remediation requires a valid git directory

$ diff -u test/expect/gl-dependency-scanning-report.json \
  test/fixtures/gl-dependency-scanning-report.json

There's a diff because some advisories are missing on this particular git branch.

Related issues

gitlab-org/gitlab#14630 (closed)

Merge request reports