From 055ed1d6cb8d0c4ceec424a2b6954e89185d1fd1 Mon Sep 17 00:00:00 2001
From: Raul Barreras <rbarreras@nebraska.edu>
Date: Fri, 20 Sep 2019 18:00:13 +0000
Subject: [PATCH] Update examples/dependency-check.md
---
examples/dependency-check.md | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/examples/dependency-check.md b/examples/dependency-check.md
index f2160c1..319f6b8 100644
--- a/examples/dependency-check.md
+++ b/examples/dependency-check.md
@@ -12,24 +12,33 @@
- One 'analysis' stage with one job
- Allows the job to fail without impacting the rest of the CI (allow_failure: true)
+- Export the results as an artifact
``` yml
stages:
- analysis
-variables:
+dependency_check:
stage: analysis
+ image:
+ name: its-registry.unl.edu/unl-its/docker-ci/dependency-check
+ variables:
+ DEPENDENCY_CHECK_OUT_DIR: ./dependency_check_results/
tags:
- docker
script:
- - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets -s -e 4.5
- - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/dependency-check
+ - dependency-check --format ALL -s ./ --out ${DEPENDENCY_CHECK_OUT_DIR} --project ${CI_PROJECT_NAMESPACE}
+ artifacts:
+ paths:
+ - ./dependency_check_results/dependency-check-report.html
+ - ./dependency_check_results/dependency_check_results/dependency-check-report.xml
+ expire_in: 1 day
allow_failure: true
```
## Scan the current directory (must be a git repo)
``` bash
-docker run -it --rm -v "${PWD}:/work" -w /work -e CI_PROJECT_NAMESPACE=`basename $(git rev-parse --show-toplevel)` its-registry.unl.edu/unl-its/docker-ci/dependency-check
-
+CI_PROJECT_NAMESPACE=`basename $(git rev-parse --show-toplevel)`
+docker run -it --rm -v "${PWD}:/work" -w /work -e CI_PROJECT_NAMESPACE=${CI_PROJECT_NAMESPACE} its-registry.unl.edu/unl-its/docker-ci/dependency-check dependency-check --format ALL -s ./ --out ./dependency_check_results --project ${CI_PROJECT_NAMESPACE}
```
--
GitLab