Add QA jobs for DS no-DinD (!160) · Merge requests · GitLab.org / security-products / ci-templates

Fabien Catteau requested to merge qa-jobs-ds-no-dind into master Sep 24, 2020

What does this MR do?

Move job definitions of Dependency Scanning (DS) QA jobs to the DS QA template.

This avoid the repetition of QA job like these:

qa-gemnasium-dependency_scanning:
  needs: ["gemnasium-dependency_scanning"]
  extends: .qa-dependency_scanning
  only:
    variables:
      - $DS_DEFAULT_ANALYZERS =~ /gemnasium([^-]|$)/

It's also less error prone. In this particular case ☝ there's a condition missing on DEPENDENCY_SCANNING_DISABLED.

Enabling QA for DS should be as easy as importing the QA template, and specifying the path or URL of the expected report, if this is not the default (or to make sure it fails when the job is not triggered):

qa-gemnasium-dependency_scanning:
  variables:
    WANT: gemnasium-report.json

The update QA jobs are not covered by this since being they are being deprecated as we are moving expectations from test projects to analyzer projects.

What are the relevant issue numbers?

None at the moment.

Does this MR meet the acceptance criteria?

Manual tests
- Multiple DS jobs: gitlab-org/security-products/tests/ruby-bundler!1251 (diffs)
- Single DS job: gitlab-org/security-products/tests/php-composer!52 (diffs)

Edited Sep 30, 2020 by Fabien Catteau

Add QA jobs for DS no-DinD

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports