| Status | Assigned | Task |
| --- | --- | --- |
| Open | sbassett | T289290 Design and Build Application Security Pipeline Components for Gitlab |
| Resolved | brennen | T289292 Create Security Team group within gitlab.wikimedia.org |
| Stalled | sbassett | T289293 Create initial proof of concept application security pipeline repository |
| Invalid | None | T294307 Research and design basic ci processing scripts (to exit 1 for tools that report errors and generate report artifacts) |

It would be nice to have a working example of this, and some accompanying documentation, but I'm not sure if/when this paradigm should be followed. That would likely need to be clarified within a Wikimedia .gitlab-ci.yml style guide. Yes, this will likely always be the "cleanest" approach, but it might also be more of a hassle, given the ease and flexibility with which most security-related reporting can likely be accomplished by simple shell commands, python -c one-liners, etc., and the fact that Gerrit + Jenkins CI currently tends to favor raw output over report artifact generation.