Add poetry.lock file to dependency scanning template
What does this MR do and why?
This MR updates the dependency scanning CI template to run gemnasium-python if a poetry.lock file exists 0-2 levels beneath the working directory. As part of the implementation plan of #7006 (closed), the relevant documentation for this will be updated in !87161 (merged).
Screenshots or screen recordings
How to set up and validate locally
- Import the test python-poetry project locally.
- Create a new branch and update the .gitlab-ci.yml:

      stages:
        - test
        - qa

      include:
        # Security Products features
        - template: Jobs/Dependency-Scanning.gitlab-ci.yml
        # Security Products features QA
        - https://gitlab.com/gitlab-org/security-products/ci-templates/raw/master/includes-dev/qa-dependency_scanning.yml

- Trigger a pipeline run with the variable DS_MAJOR_VERSION set to 3.
- The pipeline security widget should show the poetry.lock deps found.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by Oscar Tovar
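
The depth limit described above matters for scan coverage: a poetry.lock nested deeper than two levels would not match the rule on its own. The following check is an added example, not part of this MR or of the GitLab template; it lists which lockfiles in a checkout fall inside the 0-2 level window. It assumes the repository root counts as level 0, and the function names and sample tree are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

LOCKFILE = "poetry.lock"
MAX_DEPTH = 2  # assumption: root = level 0, so a/b/poetry.lock is level 2


def classify_lockfiles(root):
    """Return (in_scope, too_deep): poetry.lock paths relative to root."""
    root = Path(root)
    in_scope, too_deep = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip VCS metadata
        if LOCKFILE in filenames:
            rel = (Path(dirpath) / LOCKFILE).relative_to(root)
            depth = len(rel.parts) - 1  # number of directories above the file
            bucket = in_scope if depth <= MAX_DEPTH else too_deep
            bucket.append(rel.as_posix())
    return sorted(in_scope), sorted(too_deep)


def demo():
    """Build a constructed sample tree in a temp dir and classify it."""
    # Constructed layout, not taken from the python-poetry test project.
    sample = [
        "poetry.lock",
        "api/poetry.lock",
        "services/auth/poetry.lock",
        "services/auth/worker/poetry.lock",  # level 3: outside the window
        "docs/requirements.txt",             # not a poetry lockfile
    ]
    with tempfile.TemporaryDirectory() as tmp:
        for rel in sample:
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text("")
        return classify_lockfiles(tmp)


if __name__ == "__main__":
    found, missed = demo()
    for p in found:
        print(f"in scope : {p}")
    for p in missed:
        print(f"too deep : {p}")
```

Running `classify_lockfiles(".")` from the root of a checkout before triggering the pipeline shows which lockfiles sit within the window and which sit below it.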