Whitesource Configuration for GitLab Pipeline
The following configuration derives values from predefined GitLab Variables
whitesource.conf
# Providing project information from GitLab CI
wss_project_name="$CI_PROJECT_NAME"
wss_project_version="$CI_JOB_ID"
wss_project_tag="$CI_COMMIT_TAG"
# Providing product information
wss_product_name="The Product Name"
wss_product_version="$POM_VERSION"
# Analyze the Maven POM and its transitive dependencies only, no file-system check
# Use this only if you don't have any extra checked in jar-files or stuff like that!
fileSystemScan=false
includes=pom.xml
# Only scanning the Maven project
resolveAllDependencies=false
maven.resolveDependencies=true
The $POM_VERSION
may be resolved using the maven-help-plugin like this:
export POM_VERSION=$(mvn org.apache.maven.plugins:maven-help-plugin:3.1.0:evaluate -Dexpression=project.version -q -DforceStdout)