Resolve "Integrate dependency-check container with Sonarqube"

Closes #12 (closed)

examples/dependency-check.md

@@ -12,24 +12,33 @@
 
 - One 'analysis' stage with one job  
 - Allows the job to fail without impacting the rest of the CI (allow_failure: true)
+- Export the results as an artifact
 
 
 ``` yml
 stages:
   - analysis 
-variables:
+dependency_check:
   stage: analysis
+  image: 
+    name: its-registry.unl.edu/unl-its/docker-ci/dependency-check
+  variables:
+    DEPENDENCY_CHECK_OUT_DIR: ./dependency_check_results/
   tags:
     - docker
   script:
-    - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets -s -e 4.5
-    - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/dependency-check
+    - dependency-check --format ALL -s ./ --out ${DEPENDENCY_CHECK_OUT_DIR} --project ${CI_PROJECT_NAMESPACE}
+  artifacts:
+    paths:
+      - ./dependency_check_results/dependency-check-report.html
+      - ./dependency_check_results/dependency_check_results/dependency-check-report.xml
+    expire_in: 1 day
   allow_failure: true
 ``` 
 
 ## Scan the current directory (must be a git repo)
 
 ``` bash
-docker run -it --rm -v "${PWD}:/work" -w /work -e CI_PROJECT_NAMESPACE=`basename $(git rev-parse --show-toplevel)` its-registry.unl.edu/unl-its/docker-ci/dependency-check
-
+CI_PROJECT_NAMESPACE=`basename $(git rev-parse --show-toplevel)`
+docker run -it --rm -v "${PWD}:/work" -w /work -e CI_PROJECT_NAMESPACE=${CI_PROJECT_NAMESPACE} its-registry.unl.edu/unl-its/docker-ci/dependency-check dependency-check --format ALL -s ./ --out ./dependency_check_results --project ${CI_PROJECT_NAMESPACE}
 ```