Add latest changes from gitlab-org/gitlab@master
parent 9b8aeacf0e
commit e6ee46c1e4
|
@ -2696,18 +2696,19 @@ you can use this image from the GitLab Container Registry: `registry.gitlab.com/
|
|||
|
||||
**Example of `release` keyword**:
|
||||
|
||||
```yaml
|
||||
release_job:
|
||||
stage: release
|
||||
image: registry.gitlab.com/gitlab-org/release-cli:latest
|
||||
rules:
|
||||
- if: $CI_COMMIT_TAG # Run this job when a tag is created manually
|
||||
script:
|
||||
- echo "Running the release job."
|
||||
release:
|
||||
name: 'Release $CI_COMMIT_TAG'
|
||||
description: 'Release created using the release-cli.'
|
||||
```
|
||||
```yaml
|
||||
release_job:
|
||||
stage: release
|
||||
image: registry.gitlab.com/gitlab-org/release-cli:latest
|
||||
rules:
|
||||
- if: $CI_COMMIT_TAG # Run this job when a tag is created manually
|
||||
script:
|
||||
- echo "Running the release job."
|
||||
release:
|
||||
tag_name: $CI_COMMIT_TAG
|
||||
name: 'Release $CI_COMMIT_TAG'
|
||||
description: 'Release created using the release-cli.'
|
||||
```
|
||||
|
||||
This example creates a release:
|
||||
|
||||
|
|
|
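Review bot: In the updated example, the added `tag_name: $CI_COMMIT_TAG` under `release:` only has a value because the job is gated by `rules: - if: $CI_COMMIT_TAG`. The sentence after the block ("This example creates a release:") should say so, since someone copying only the `release:` section into a job without that rule gets an empty tag name. Separately, the context line `image: registry.gitlab.com/gitlab-org/release-cli:latest` uses a mutable tag in a job that publishes releases; consider showing a pinned version in the example.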
@ -889,7 +889,7 @@ Please check the [Release Process documentation](https://gitlab.com/gitlab-org/s
|
|||
## Contributing to the vulnerability database
|
||||
|
||||
You can search the [`gemnasium-db`](https://gitlab.com/gitlab-org/security-products/gemnasium-db) project
|
||||
to find a vulnerability in the Gemnasium database.
|
||||
to find a vulnerability in the GitLab Advisory Database.
|
||||
You can also [submit new vulnerabilities](https://gitlab.com/gitlab-org/security-products/gemnasium-db/blob/master/CONTRIBUTING.md).
|
||||
|
||||
## Running dependency scanning in an offline environment
|
||||
|
|
|
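Review bot: The renamed sentence "to find a vulnerability in the GitLab Advisory Database" still follows a link whose text and URL are `gemnasium-db`, and the next line links to `gemnasium-db/blob/master/CONTRIBUTING.md`. State once that the GitLab Advisory Database is kept in the `gemnasium-db` project, otherwise the paragraph reads as if it describes two different things. The heading "Contributing to the vulnerability database" could also carry the new name so the section is findable by it.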
@ -52,7 +52,7 @@ The following vulnerability scanners and their databases are regularly updated:
|
|||
| Secure scanning tool | Vulnerabilities database updates |
|
||||
|:----------------------------------------------------------------|:---------------------------------|
|
||||
| [Container Scanning](container_scanning/index.md) | A job runs on a daily basis to build new images with the latest vulnerability database updates from the upstream scanner. For more details, see [Vulnerabilities database update](container_scanning/index.md#vulnerabilities-database-update). |
|
||||
| [Dependency Scanning](dependency_scanning/index.md) | Relies on `bundler-audit` (for Ruby gems), `retire.js` (for npm packages), and `gemnasium` (the GitLab tool for all libraries). Both `bundler-audit` and `retire.js` fetch their vulnerabilities data from GitHub repositories, so vulnerabilities added to `ruby-advisory-db` and `retire.js` are immediately available. The tools themselves are updated once per month if there's a new version. The [Gemnasium DB](https://gitlab.com/gitlab-org/security-products/gemnasium-db) is updated on a daily basis using [data from NVD, the `ruby-advisory-db` and the GitHub Security Advisory Database as data sources](https://gitlab.com/gitlab-org/security-products/gemnasium-db/-/blob/master/SOURCES.md). See our [current measurement of time from CVE being issued to our product being updated](https://about.gitlab.com/handbook/engineering/development/performance-indicators/#cve-issue-to-update). |
|
||||
| [Dependency Scanning](dependency_scanning/index.md) | Relies on `bundler-audit` (for Ruby gems), `retire.js` (for npm packages), and `gemnasium` (the GitLab tool for all libraries). Both `bundler-audit` and `retire.js` fetch their vulnerabilities data from GitHub repositories, so vulnerabilities added to `ruby-advisory-db` and `retire.js` are immediately available. The tools themselves are updated once per month if there's a new version. The [GitLab Advisory Database](https://gitlab.com/gitlab-org/security-products/gemnasium-db) is updated on a daily basis using [data from NVD, the `ruby-advisory-db` and the GitHub Advisory Database as data sources](https://gitlab.com/gitlab-org/security-products/gemnasium-db/-/blob/master/SOURCES.md). See our [current measurement of time from CVE being issued to our product being updated](https://about.gitlab.com/handbook/engineering/development/performance-indicators/#cve-issue-to-update). |
|
||||
| [Dynamic Application Security Testing (DAST)](dast/index.md) | The scanning engine is updated on a periodic basis. See the [version of the underlying tool `zaproxy`](https://gitlab.com/gitlab-org/security-products/dast/blob/main/Dockerfile#L1). The scanning rules are downloaded at scan runtime. |
|
||||
| [Static Application Security Testing (SAST)](sast/index.md) | Relies exclusively on [the tools GitLab wraps](sast/index.md#supported-languages-and-frameworks). The underlying analyzers are updated at least once per month if a relevant update is available. The vulnerabilities database is updated by the upstream tools. |
|
||||
|
||||
|
|
|
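Review bot: The Dependency Scanning row repeats the list of data sources inline ("data from NVD, the `ruby-advisory-db` and the GitHub Advisory Database as data sources") as the text of a link to `SOURCES.md`, so this table has to be edited whenever a source is renamed, which is half of what this hunk does. Suggest neutral link text such as "the sources listed in `SOURCES.md`" and keeping the names in one place. The same row still introduces `gemnasium` as "the GitLab tool for all libraries" without connecting it to the newly named GitLab Advisory Database; a short parenthetical would help.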
@ -121,6 +121,7 @@ module QA
|
|||
source: {
|
||||
name: "GitHub",
|
||||
project_name: github_repo,
|
||||
address: "https://github.com",
|
||||
data: {
|
||||
branches: gh_branches.length,
|
||||
commits: gh_commits.length,
|
||||
|
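Review bot: `address: "https://github.com",` in the `source` hash is a string literal, while the matching `target` entry in the next hunk takes its value from `QA::Runtime::Scenario.gitlab_address`. If this spec can ever run against a different GitHub host, the recorded address will be wrong without any failure. Suggest deriving it from the same client or setting that produces `github_repo`, or at least moving it to a named constant.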
@ -135,6 +136,7 @@ module QA
|
|||
target: {
|
||||
name: "GitLab",
|
||||
project_name: imported_project.path_with_namespace,
|
||||
address: QA::Runtime::Scenario.gitlab_address,
|
||||
data: {
|
||||
branches: gl_branches.length,
|
||||
commits: gl_commits.length,
|
||||
|
|
|
@ -115,6 +115,7 @@ module QA
|
|||
source: {
|
||||
name: "GitLab Source",
|
||||
project_name: source_project.path_with_namespace,
|
||||
address: gitlab_source_address,
|
||||
data: {
|
||||
branches: source_branches.length,
|
||||
commits: source_commits.length,
|
||||
|
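Review bot: `address: gitlab_source_address` copies whatever that value holds into the `source` hash next to `project_name` and the branch and commit counts. If `gitlab_source_address` can be a URL that carries userinfo (for example `https://user:token@host`), the credential ends up wherever this hash is logged or saved. Strip userinfo before storing it here, or add a comment stating that the value is always a bare base URL.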
@ -130,6 +131,7 @@ module QA
|
|||
target: {
|
||||
name: "GitLab Target",
|
||||
project_name: imported_project.path_with_namespace,
|
||||
address: QA::Runtime::Scenario.gitlab_address,
|
||||
data: {
|
||||
branches: branches.length,
|
||||
commits: commits.length,
|
||||
|
|