期望:CI需要触发构建和测试,然后才应扫描依赖项漏洞
当前行为CI触发器,但仅运行构建并测试未运行Dependency-Scanning.gitlab-ci.yml
stages:
- build
- test
build:
stage: build
script:
- echo "Building"
test:
stage: test
script:
- echo "Testing"
include:
- template: Dependency-Scanning.gitlab-ci.yml
Dependency-Scanning.gitlab-ci.yml可在以下URL中找到 https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
答案 0 :(得分:0)
您可以尝试将其移至文件顶部。为我工作。
您可以扔掉帖子中的错误吗?如果使用CI棉签,会得到类似的东西吗? https://gitlab.com/amishpanda/cheatsheet/-/ci/lint
Found errors in your .gitlab-ci.yml:
dependency_scanning job: stage parameter should be .pre
setup
build
.post
You can also test your .gitlab-ci.yml in CI Lint