From cf20485fce30f9b19a5250c2361bd82c7ad4fa41 Mon Sep 17 00:00:00 2001 From: DeveloperDurp Date: Sun, 5 May 2024 13:17:29 -0500 Subject: [PATCH] update --- pipelines/compliance.yml | 20 -------------------- pipelines/security.yml | 27 +++++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 20 deletions(-) create mode 100644 pipelines/security.yml diff --git a/pipelines/compliance.yml b/pipelines/compliance.yml index 7fae861..98edad1 100644 --- a/pipelines/compliance.yml +++ b/pipelines/compliance.yml @@ -7,7 +7,6 @@ include: ref: 'main' file: - 'jobs/version.yml' - - 'jobs/codescan.yml' - 'jobs/sonarqube.yml' - 'jobs/golang.yml' @@ -31,22 +30,3 @@ sonarqube: - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID exists: - "sonar-project.properties" - -generate_sbom: - extends: .generate_sbom - stage: validate - needs: - - job: docker-build - optional: true - artifacts: true - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID - -generate_cve: - extends: .generate_cve - stage: validate - needs: - - job: generate_sbom - artifacts: true - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID diff --git a/pipelines/security.yml b/pipelines/security.yml new file mode 100644 index 0000000..1ef2e06 --- /dev/null +++ b/pipelines/security.yml @@ -0,0 +1,27 @@ +stages: + - build + +include: + - project: 'developerdurp/yml' + ref: 'main' + file: + - 'jobs/codescan.yml' + +generate_sbom: + extends: .generate_sbom + stage: build + needs: + - job: docker-build + optional: true + artifacts: true + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID + +generate_cve: + extends: .generate_cve + stage: build + needs: + - job: generate_sbom + artifacts: true + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID