Merge branch 'master' into 'master'

fix: add MAVEN_DEPENDENCY_CHECK_DISABLED variable See merge request to-be-continuous/maven!42

Merge branch 'master' into 'master'
141cc794 · Pierre Smeyers · 1f88138e · 912e0f39 · 141cc794 · 141cc794
Commit 141cc794 authored 2 years ago by Pierre Smeyers
--- a/README.md
+++ b/README.md
@@ -107,8 +107,10 @@ It is bound to the `test` stage, and uses the following variables:

 | Name                  | description                            | default value     |
 | --------------------- | -------------------------------------- | ----------------- |
+| `MAVEN_DEPENDENCY_CHECK_DISABLED` | Set to `true` to disable this job | _none_ |
 | `MAVEN_DEPENDENCY_CHECK_ARGS` | Maven arguments for Dependency Check job | `org.owasp:dependency-check-maven:check -DretireJsAnalyzerEnabled=false -DassemblyAnalyzerEnabled=false` |

+
 A Dependency Check is a quite long operation and therefore the job is configured to be ran __manually__ by default.

 However, if you want to enable an automatic Dependency-Check scan, you will have to override the `rules` keyword for the `mvn-dependency-check` job.

--- a/kicker.json
+++ b/kicker.json
@@ -84,6 +84,7 @@
      "id": "dependency-check",
      "name": "Dependency-Check",
      "description": "[Dependency-Check](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html) analysis",
+      "disable_with": "MAVEN_DEPENDENCY_CHECK_DISABLED",
      "variables": [
        {
          "name": "MAVEN_DEPENDENCY_CHECK_ARGS",
@@ -97,13 +98,7 @@
      "id": "forbid-snapshot-dependencies",
      "name": "Snapshot dependencies verification",
      "description": "This job verifies your project has no _snapshot_ dependencies. Failure is allowed in feature branches.",
-      "variables": [
-        {
-          "name": "MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED",
-          "description": "Disable the job",
-          "type": "boolean"
-        }
-      ]
+      "disable_with": "MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED"
    },
    {
      "id": "publish",

--- a/templates/gitlab-ci-maven.yml
+++ b/templates/gitlab-ci-maven.yml
@@ -459,6 +459,9 @@ mvn-dependency-check:
    paths:
      - "${MAVEN_PROJECT_DIR}/**/target/dependency-check-report.*"
  rules:
+    # exclude if disable
+    - if: '$MAVEN_DEPENDENCY_CHECK_DISABLED == "true"'
+      when: never
    # on schedule: auto
    - if: '$CI_PIPELINE_SOURCE == "schedule"'
      allow_failure: true