Dependency scanning job isn't writing to json file

tobias49 · June 7, 2024, 12:10am

I’ve got a simple dependency_scan job using npm install/audit following the instructions here -

`include:

template: Jobs/Dependency-Scanning.gitlab-ci.yml

dependency_scan:
stage: test
script:
- npm install
artifacts:
reports:
dependency_scanning: gl-dependency-scanning-report.json
allow_failure: true`

It’s not writing to the json file and it’s outputting seemingly quite popular warning -

Uploading artifacts... gl-dependency-scanning-report.json: found 1 matching artifact files and directories WARNING: Upload request redirected location=https://gitlab.com/api/v4/jobs/6951641315/artifacts?artifact_format=raw&artifact_type=dependency_scanning new-url=https://gitlab.com WARNING: Retrying... context=artifacts-uploader error=request redirected Uploading artifacts as "dependency_scanning" to coordinator... 201 Created id=6951641315 responseStatus=201 Created token=glcbt-65 Cleaning up project directory and file based variables

Is it not possible to do this, and, how do I avoid these warnings?

Versions GitLab Enterprise Edition 17.1.0-pre fe0a1083c72

thiagocsf · June 12, 2024, 4:08am

You have overridden the script which is used in the dependency scanning template to run the analyzer.

Try using before_script instead.

tobias49 · June 12, 2024, 4:46pm

ahhhh, now I get it, wasn’t sure what you. meant in you post on my bug report, thnx!

Topic		Replies	Views
Dependency scanner DevSecOps	0	515	January 31, 2019
Gitlab CI run code quality not generate .json file GitLab CI/CD ci , runner , docker	0	1506	March 7, 2019
[Solved] Why pipeline missed generating artifacts GitLab CI/CD	1	1073	May 11, 2017
How to use Security job artifacts in job dependencies? GitLab CI/CD ci	1	2364	January 19, 2023
Code quality job doesn't generate artifact How to Use GitLab ci , runner , artifact	3	2961	June 19, 2019

Dependency scanning job isn't writing to json file

Related topics