Skip to content

Add our own Gemnasium DB Mirror

Story

As a DevTools customer's pipeline, I would like to access a Gemnasium DB through egress proxy, So that I can scan dependencies with Gemnasium.

Solution

  • Add a Gemnasium DB someplace accessible from glr-workers, e.g. our GDG instance.
  • Come up with a process to keep that G-DB updated automatically.
  • Set GEMNASIUM_DB_REMOTE_URL to override the default URL (which is on gitlab.com).

Acceptance Criteria

  • Gemnasium tests past without adding anything (gitlab.com) to the custom egress allowlist.
  • Gemnasium DB is updated automatically.