Use new gitlab-depscan image for dependency scanning

Signed-off-by: Balasankar "Balu" C <balasankarc@autistici.org>

Use new gitlab-depscan image for dependency scanning
dd8d7c60 · Balasankar "Balu" C · f48616e8 · dd8d7c60
Unverified Commit dd8d7c60 authored 4 years ago by Balasankar "Balu" C
--- a/gitlab-ci-config/dev-gitlab-org.yml
+++ b/gitlab-ci-config/dev-gitlab-org.yml
@@ -623,27 +623,14 @@ create_omnibus_manifest:
      - version-manifest.json
  
 dependency_scanning:
-  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:omnibus-gitlab-cve-search"
+  image: "registry.gitlab.com/gitlab-org/security-products/gitlab-depscan:2.0.0"
  stage: package-and-image
-  services:
-    - name: mongo:bionic
-      alias: mongo
  variables:
-    TERM: xterm-256color
    REPORT_PATH: ./
-  before_script:
-    - wget https://storage.googleapis.com/gitlab-depscan/mongo_dump.tar.gz
-    - mkdir /dump
-    - tar --strip-components=1 -C /dump -xf mongo_dump.tar.gz
-    - mongorestore --host mongo /dump
-    - "printf '[Mongo]\nHost: mongo\n' > /app/etc/configuration.ini"
-    - python3 /app/web/index.py > /dev/null 2>&1 &
-    - python3 /app/sbin/db_updater.py -v
+    NVD_DB_UPDATE: "true"
+  before_script: []
  script:
-    - echo ${CVEIGNORE} | sed -r "s/, */\n/g" >> .cveignore
-    # Temporarily hardcoding a working SHA. Check https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5530
-    # for details
-    - curl -sSL https://gitlab.com/gitlab-org/security-products/gitlab-depscan/raw/cae7e018a8c18582502f60c9d24e66b3c79b45ed/gitlab-depscan.sh|bash -s version-manifest.json
+    - /gitlab-depscan.sh version-manifest.json
  <<: *dev-nightly-and-tag-except-auto-deploy
  needs:
    - create_omnibus_manifest