-
Notifications
You must be signed in to change notification settings - Fork 291
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SINT-1892] Run Datadog SCA in CI #4203
base: master
Are you sure you want to change the base?
Conversation
Overall package sizeSelf size: 6.25 MB Dependency sizes
🤖 This report was automatically generated by heaviest-objects-in-the-universe |
9a6bab0
to
2761fad
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #4203 +/- ##
=======================================
Coverage 85.23% 85.23%
=======================================
Files 247 247
Lines 10956 10956
Branches 33 33
=======================================
Hits 9338 9338
Misses 1618 1618 ☔ View full report in Codecov by Sentry. |
BenchmarksBenchmark execution time: 2024-03-28 20:47:54 Comparing candidate commit 6145006 in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 261 metrics, 5 unstable metrics. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the job seems to be failing right now
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me! It seems the job fails to retrieve the Datadog API key . Did you set it correctly in SSM?
- export DD_APP_KEY=$(aws ssm get-parameter --region us-east-1 --name "ci.dd-trace-js.datadog_app_key_org2" --with-decryption --query "Parameter.Value" --out text) | ||
- set -o xtrace | ||
- osv-scanner --skip-git --recursive --experimental-only-packages --format=cyclonedx-1-4 --output=/tmp/sbom.json . | ||
- datadog-ci sbom upload --service integrations-core --env ci /tmp/sbom.json |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you set the service to dd-trace-js
please?
What does this PR do?
Add a new Gitlab CI job that dogfoods the Datadog SCA product
Motivation
@DataDog/software-integrity-and-trust partners with @DataDog/static-analysis to dogfood their SCA product and secure Datadog's supply chain.
Additional Notes