Add jobs template for Dependency Scanning and License Scanning
What does this MR do and why?
- Point Security/Dependency-Scanning.gitlab-ci.yml to newly added Jobs/Dependency-Scanning.gitlab-ci.yml
- Point Security/License-Scanning.gitlab-ci.yml to newly added Jobs/License-Scanning.gitlab-ci.yml
Notes:
- We keep
Security
reference in AutoDevOps template and doesn't change it. - We don't change references in the documentation
WHY
TLDR it makes us closer to migrate out of Security
subdir to align with the rest of the company and makes it a bit cleaner for people to include our features from the UI (at least until something like #24939 (closed) gets prioritized). The later is the main reason why Static Analysis did the move earlier as they were pushing for configuring SAST in core. This is well explained in #292977 (closed). I'm not a very big fan of the approach, but it is a borring solution until we have a proper way to correcly compose a Gitlab CI file from the UI.
See #27825 (closed) for more context.
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.