From b440cb8dcb2f9030016d50d26a3a74e65a34fe50 Mon Sep 17 00:00:00 2001 From: Mondo Diaz Date: Thu, 15 Jan 2026 20:35:14 +0000 Subject: [PATCH] Add Prosper security scan jobs to deploy dependencies Block deploys if any security scan fails: - app_deps_scan (dependency vulnerabilities) - cve_scan (CVE scanning) - cve_sbom_analysis (SBOM CVE analysis) - app_sbom_analysis (SBOM analysis) --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ba8670f..fb33267 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -175,7 +175,7 @@ frontend_tests: # Shared deploy configuration .deploy_template: &deploy_template stage: deploy - needs: [build_image, kics, hadolint, python_tests, frontend_tests, secrets] + needs: [build_image, kics, hadolint, python_tests, frontend_tests, secrets, app_deps_scan, cve_scan, cve_sbom_analysis, app_sbom_analysis] image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12 .helm_setup: &helm_setup