update

pipelines/compliance.yml

@@ -7,7 +7,6 @@ include:
     ref: 'main'
     file: 
       - 'jobs/version.yml'
-      - 'jobs/codescan.yml'
       - 'jobs/sonarqube.yml'
       - 'jobs/golang.yml'
 
@@ -31,22 +30,3 @@ sonarqube:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
       exists:
         - "sonar-project.properties"  
-
-generate_sbom:
-  extends: .generate_sbom
-  stage: validate
-  needs:
-    - job: docker-build
-      optional: true
-      artifacts: true
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
-
-generate_cve:
-  extends: .generate_cve
-  stage: validate
-  needs:
-    - job: generate_sbom
-      artifacts: true
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID

pipelines/security.yml

@@ -0,0 +1,27 @@
+stages:
+  - build
+
+include:
+  - project: 'developerdurp/yml'
+    ref: 'main'
+    file: 
+      - 'jobs/codescan.yml'
+
+generate_sbom:
+  extends: .generate_sbom
+  stage: build
+  needs:
+    - job: docker-build
+      optional: true
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
+
+generate_cve:
+  extends: .generate_cve
+  stage: build
+  needs:
+    - job: generate_sbom
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID