Skip to content
Snippets Groups Projects
Commit 257aa351 authored by Manuel Menz's avatar Manuel Menz
Browse files

add config to upload bom (planning#1330)

parent 28eca96f
No related tags found
1 merge request!97add config to upload bom (planning#1330)
Pipeline #57363 passed
Stage: lint
Stage: cve-scan
Stage: build
Stage: deploy
Stage: .post
Hide whitespace changes
Inline Side-by-side
Showing
with 7 additions and 0 deletions
ci/gitlab-ci.yml
+ 7
0
View file @ 257aa351
......@@ -18,6 +18,7 @@ stages:
- cve-scan
- build
- deploy
- upload
variables:
DEPLOY_SERVER: fitko@dorado.uberspace.de
......@@ -108,10 +109,16 @@ trivy-filesystem:
entrypoint: [""]
script:
- trivy filesystem --download-db-only
- trivy filesystem --format cyclonedx --output sbom-src.json .
- trivy filesystem --scanners vuln,config --exit-code 1 --severity HIGH,CRITICAL yarn.lock
- trivy filesystem --scanners vuln,config --exit-code 0 --severity UNKNOWN,LOW,MEDIUM yarn.lock
cache: []
dtrack-sbom-fs-main:
extends: .dtrack-sbom-fs-main
dtrack-sbom-fs-tag:
extends: .dtrack-sbom-fs-tag
yarn-audit:
stage: cve-scan
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment