fix(core): update
This commit is contained in:
parent
0d19c1c68d
commit
524b405773
@ -34,6 +34,28 @@ snyk:
|
|||||||
- docker
|
- docker
|
||||||
- notpriv
|
- notpriv
|
||||||
|
|
||||||
|
sast:
|
||||||
|
stage: security
|
||||||
|
image: docker:stable
|
||||||
|
variables:
|
||||||
|
DOCKER_DRIVER: overlay2
|
||||||
|
allow_failure: true
|
||||||
|
services:
|
||||||
|
- docker:stable-dind
|
||||||
|
script:
|
||||||
|
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
|
||||||
|
- docker run
|
||||||
|
--env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
|
||||||
|
--volume "$PWD:/code"
|
||||||
|
--volume /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
"registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
|
||||||
|
artifacts:
|
||||||
|
reports:
|
||||||
|
sast: gl-sast-report.json
|
||||||
|
tags:
|
||||||
|
- docker
|
||||||
|
- priv
|
||||||
|
|
||||||
# ====================
|
# ====================
|
||||||
# test stage
|
# test stage
|
||||||
# ====================
|
# ====================
|
||||||
|
@ -28,11 +28,14 @@ export let mirror = async () => {
|
|||||||
const githubToken = process.env.NPMCI_GIT_GITHUBTOKEN;
|
const githubToken = process.env.NPMCI_GIT_GITHUBTOKEN;
|
||||||
const githubUser = process.env.NPMCI_GIT_GITHUBGROUP || repo.user;
|
const githubUser = process.env.NPMCI_GIT_GITHUBGROUP || repo.user;
|
||||||
const githubRepo = process.env.NPMCI_GIT_GITHUB || repo.repo;
|
const githubRepo = process.env.NPMCI_GIT_GITHUB || repo.repo;
|
||||||
if(
|
if (
|
||||||
configObject.projectInfo.npm.packageJson.private === true ||
|
configObject.projectInfo.npm.packageJson.private === true ||
|
||||||
configObject.npmAccessLevel === 'private'
|
configObject.npmAccessLevel === 'private'
|
||||||
) {
|
) {
|
||||||
logger.log('warn', `refusing to mirror due to private property use a private mirror location instead`);
|
logger.log(
|
||||||
|
'warn',
|
||||||
|
`refusing to mirror due to private property use a private mirror location instead`
|
||||||
|
);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (githubToken) {
|
if (githubToken) {
|
||||||
|
@ -42,7 +42,9 @@ const prepare = async () => {
|
|||||||
await plugins.smartparam.forEachMinimatch(process.env, 'NPMCI_TOKEN_NPM*', npmEnvArg => {
|
await plugins.smartparam.forEachMinimatch(process.env, 'NPMCI_TOKEN_NPM*', npmEnvArg => {
|
||||||
const npmRegistryUrl = npmEnvArg.split('|')[0];
|
const npmRegistryUrl = npmEnvArg.split('|')[0];
|
||||||
const npmToken = npmEnvArg.split('|')[1];
|
const npmToken = npmEnvArg.split('|')[1];
|
||||||
npmrcFileString += `//${npmRegistryUrl}/:_authToken="${plugins.smartstring.base64.decode(npmToken)}"\n`;
|
npmrcFileString += `//${npmRegistryUrl}/:_authToken="${plugins.smartstring.base64.decode(
|
||||||
|
npmToken
|
||||||
|
)}"\n`;
|
||||||
});
|
});
|
||||||
logger.log('info', `setting default npm registry to ${config.npmRegistryUrl}`);
|
logger.log('info', `setting default npm registry to ${config.npmRegistryUrl}`);
|
||||||
npmrcFileString += `registry=https://${config.npmRegistryUrl}\n`;
|
npmrcFileString += `registry=https://${config.npmRegistryUrl}\n`;
|
||||||
|
Loading…
Reference in New Issue
Block a user