6. Add more evidence
Add additional scan results to the release using the Generic Package Repository.
-
1. Find the 6-add-more-evidence
branch inRepository > Branches
-
2. Click Merge Request
to create a new MR from this branch -
3. Uncheck Delete source branch when merge request is accepted.
if you prefer to keep the branch. -
4. Click Create Merge Request
-
5. Review the changes to .gitlab/Jobs/Container-Scanning.gitlab-ci.yml
template -
6. Note the release-evidence
job, and theneeds:
keyword on therelease
job -
7. Note the curl
upload commands in thescript
section, these commands upload artifacts from previous jobs in this pipeline to the generic package repository, which is a good place for long-term storage of release artifacts -
8. Click Mark as Ready
on theOverview
tab -
9. Click Merge
, and wait for the pipeline to complete -
10. Create a tag from Repository > Tags
-
11. Enter a name for the tag, like 1.0.0
-
12. Select the main branch -
13. Click Create Tag
, wait for the pipeline to complete -
14. View the newly created Release at Deployments > Releases
-
15. Note the additional evidence under Assets > Other
Edited by Paul Pickhardt