update

2024-05-05 13:17:29 -05:00
parent 5998930c01
commit cf20485fce
2 changed files with 27 additions and 20 deletions
--- a/pipelines/compliance.yml
+++ b/pipelines/compliance.yml
@@ -7,7 +7,6 @@ include:
    ref: 'main'
    file: 
      - 'jobs/version.yml'
-      - 'jobs/codescan.yml'
      - 'jobs/sonarqube.yml'
      - 'jobs/golang.yml'

@@ -31,22 +30,3 @@ sonarqube:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
      exists:
        - "sonar-project.properties"  
-
-generate_sbom:
-  extends: .generate_sbom
-  stage: validate
-  needs:
-    - job: docker-build
-      optional: true
-      artifacts: true
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
-
-generate_cve:
-  extends: .generate_cve
-  stage: validate
-  needs:
-    - job: generate_sbom
-      artifacts: true
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
--- a/pipelines/security.yml
+++ b/pipelines/security.yml
@@ -0,0 +1,27 @@
+stages:
+  - build
+
+include:
+  - project: 'developerdurp/yml'
+    ref: 'main'
+    file: 
+      - 'jobs/codescan.yml'
+
+generate_sbom:
+  extends: .generate_sbom
+  stage: build
+  needs:
+    - job: docker-build
+      optional: true
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
+
+generate_cve:
+  extends: .generate_cve
+  stage: build
+  needs:
+    - job: generate_sbom
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID