From 38e9c195ddbb7957835b0bbd16066fc733ecd99f Mon Sep 17 00:00:00 2001 From: Fabien Catteau Date: Mon, 11 May 2020 09:54:28 +0000 Subject: [PATCH 1/4] Make DS_DISABLE_DIND true Change the default value of DS_DISABLE_DIND to true, to disable the Docker-in-Docker orchestrator. --- .../ci/templates/Security/Dependency-Scanning.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml index 24c5d73f8d1428..0052d9c496c357 100644 --- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml @@ -14,7 +14,7 @@ variables: DS_DEFAULT_ANALYZERS: "bundler-audit, retire.js, gemnasium, gemnasium-maven, gemnasium-python" DS_MAJOR_VERSION: 2 - DS_DISABLE_DIND: "false" + DS_DISABLE_DIND: "true" dependency_scanning: stage: test -- GitLab From ad6362caf5b16e32bb345f9f2ffcfc21cb9d1f49 Mon Sep 17 00:00:00 2001 From: Fabien Catteau Date: Tue, 12 May 2020 12:52:16 +0000 Subject: [PATCH 2/4] Add changelog entry Add unreleased changelog entry for MR. --- changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml diff --git a/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml b/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml new file mode 100644 index 00000000000000..95d2336b45ceb4 --- /dev/null +++ b/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml @@ -0,0 +1,5 @@ +--- +title: 'Disable Docker-in-Docker for Dependency Scanning by default' +merge_request: 31588 +author: +type: changed \ No newline at end of file -- GitLab From 90bd7ad9bcccf0786df60d425d081828faa6a10a Mon Sep 17 00:00:00 2001 From: Fabien Catteau Date: Tue, 12 May 2020 14:58:04 +0000 Subject: [PATCH 3/4] Add new line Add new line character at the end of file --- changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml b/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml index 95d2336b45ceb4..36c068c5c8df4a 100644 --- a/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml +++ b/changelogs/unreleased/37278-DS_DISABLE_DIND-true.yml @@ -2,4 +2,4 @@ title: 'Disable Docker-in-Docker for Dependency Scanning by default' merge_request: 31588 author: -type: changed \ No newline at end of file +type: changed -- GitLab From c4e2699c9f283fa62c4fffaf04acc0b1572ac000 Mon Sep 17 00:00:00 2001 From: Fabien Catteau Date: Wed, 13 May 2020 12:07:18 +0200 Subject: [PATCH 4/4] Update DS template spec Update spec for Dependency Scanning CI configuration template. --- .../dependency_scanning_gitlab_ci_yaml_spec.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb b/ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb index a6466890f3d477..72b1cf2e165630 100644 --- a/ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb +++ b/ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb @@ -33,7 +33,11 @@ allow(License).to receive(:current).and_return(license) end - context 'by default' do + context 'when DS_DISABLE_DIND=false' do + before do + create(:ci_variable, project: project, key: 'DS_DISABLE_DIND', value: 'false') + end + it 'includes orchestrator job' do expect(build_names).to match_array(%w[dependency_scanning]) end @@ -49,11 +53,7 @@ end end - context 'when DS_DISABLE_DIND=true' do - before do - create(:ci_variable, project: project, key: 'DS_DISABLE_DIND', value: 'true') - end - + context 'by default' do describe 'language detection' do using RSpec::Parameterized::TableSyntax -- GitLab