Skip to content

GitLab config: Failures in job 'dependency_scanning' cannot fail the build

To fully benefit from the advantages of CI/CD, developers need to follow certain principles. Many of these principles have been introduced in the landmark book Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation and are nowadays widely accepted. One of these principles is:

Every executed job should be able to fail the build. If not, developers can miss or ignore the underlying issue, which adds technical debt and might result in problems later.

Problem: We analyzed your project and found that the file .gitlab-ci.yml (line 23) violates this principle. Failures of job dependency_scanning (in stage security), cannot fail the build:

dependency_scanning:
    ...
    allow_failure: true
    ...

Suggested Fix: To follow the principle, you should set allow_failure: false.

Disclaimer: This issue has been automatically reported by CD-Linter, a tool developed at the University of Zurich that detects CI/CD violations in the GitLab CI/CD pipeline configuration. We are currently evaluating the effectiveness of our tool and we are monitoring this issue.

Please up/downvote this issue to indicate whether you agree/disagree with the report.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information