Add security scanning to CI pipeline
What does this MR do and why?
Copies over security scanning from gitlab-docs, dropping Ruby-related scanners (Brakeman) and the deprecated nodejs scanner.
gitlab-docs version: https://gitlab.com/gitlab-org/gitlab-docs/-/blob/main/.gitlab/ci/security.gitlab-ci.yml?ref_type=heads
Pipeline output
- Security report: https://gitlab.com/gitlab-org/technical-writing-group/gitlab-docs-hugo/-/pipelines/1257351018/security
Individual jobs:
- gemnasium: https://gitlab.com/gitlab-org/technical-writing-group/gitlab-docs-hugo/-/jobs/6651005045
- secret_detection: https://gitlab.com/gitlab-org/technical-writing-group/gitlab-docs-hugo/-/jobs/6651005051
- semgrep-analyzer: https://gitlab.com/gitlab-org/technical-writing-group/gitlab-docs-hugo/-/jobs/6651005048
Merge request acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this merge request.
Edited by Sarah German