GitLab Version: 16.x - Ultimate
I have a job in GitLab that performs security scans and produces a JSON report for the GitLab Security Dashboard (Vulnerability Report). The current logic is designed to fail the job if there are any critical or high vulnerabilities found in the code.
However, when the job fails, the reports are not displayed in the GitLab Security Dashboard (Vulnerability Report). According to the GitLab documentation on artifact reports (GitLab CI/CD artifacts reports types | GitLab), “Artifacts created for artifacts: reports are always uploaded, regardless of the job results (success or failure).”
In logs I can see below:
Uploading artifacts…
test.json: found 1 matching artifact files and directories
Uploading artifacts as “archive” to coordinator… 201 Created id=826198 responseStatus=201 Created token=64_Rms5m
Uploading artifacts…
test.json: found 1 matching artifact files and directories
Uploading artifacts as “dependency_scanning” to coordinator… 201 Created id=826198 responseStatus=201 Created token=64_Rms5m
However Vulnerability Report dashboard doesnt show the entries.
Sample Code:
pipeline_compliance_extractor:
stage: test
image: alpine:latest
script:
# - perform scan here
- exit 1 #just for simulation.
#- python extractor.py
#- python extract_content.py
cache:
key: hash_txt
paths:
- hash.txt
allow_failure: true # Allow the job to fail
artifacts:
reports:
dependency_scanning: test.json
paths: [test.json]
I would like the reports to be displayed in the GitLab Security Dashboard (Vulnerability Report) even when the job fails. The expectation is that the reports should always be uploaded, regardless of the job result.
My preference is not to create two different jobs to perform scan and upload.
I would appreciate any guidance or suggestions on how to achieve this behavior in GitLab Version 16.x - Ultimate.