From 81b357a9e8b90b69784dceb42a84b1f39aca8727 Mon Sep 17 00:00:00 2001
From: Andy Summers <andrew.summers@wisc.edu>
Date: Tue, 11 Dec 2018 08:28:10 -0600
Subject: [PATCH] Add .gitlab-ci.yml for dependency scanning

Taken from the example at: https://git.doit.wisc.edu/help/ci/examples/dependency_scanning.md
---
 .gitlab-ci.yml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 .gitlab-ci.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..c402987
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,17 @@
+dependency_scanning:
+  image: docker:stable
+  variables:
+    DOCKER_DRIVER: overlay2
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code
+  artifacts:
+    reports:
+      dependency_scanning: gl-dependency-scanning-report.json
-- 
GitLab