6. Add more evidence

Add additional scan results to the release using the Generic Package Repository.

1. Find the 6-add-more-evidence branch in Repository > Branches
2. Click Merge Request to create a new MR from this branch
3. Uncheck Delete source branch when merge request is accepted. if you prefer to keep the branch.
4. Click Create Merge Request
5. Review the changes to .gitlab/Jobs/Container-Scanning.gitlab-ci.yml template
6. Note the release-evidence job, and the needs: keyword on the release job
7. Note the curl upload commands in the script section, these commands upload artifacts from previous jobs in this pipeline to the generic package repository, which is a good place for long-term storage of release artifacts
8. Click Mark as Ready on the Overview tab
9. Click Merge, and wait for the pipeline to complete
10. Create a tag from Repository > Tags
11. Enter a name for the tag, like 1.0.0
12. Select the main branch
13. Click Create Tag, wait for the pipeline to complete
14. View the newly created Release at Deployments > Releases
15. Note the additional evidence under Assets > Other

Edited May 01, 2023 by Paul Pickhardt

Assignee Loading

Time tracking Loading