Commit 7687cf1b authored by Russell Dickenson's avatar Russell Dickenson

Merge branch 'schwartz-secure-ca-ds-docs-update-setuppy' into 'master'

Update Dependency Scanning docs for setup.py

See merge request gitlab-org/gitlab!82247
parents 686b1c8e f30ccb8f
...@@ -995,7 +995,13 @@ BUNDLER_AUDIT_ADVISORY_DB_REF_NAME: "master" ...@@ -995,7 +995,13 @@ BUNDLER_AUDIT_ADVISORY_DB_REF_NAME: "master"
BUNDLER_AUDIT_ADVISORY_DB_URL: "gitlab.example.com/ruby-advisory-db.git" BUNDLER_AUDIT_ADVISORY_DB_URL: "gitlab.example.com/ruby-advisory-db.git"
``` ```
#### Python (setup tools) #### Python (pip)
If you need to install Python packages before the analyzer runs, you should use `pip install --user` in the `before_script` of the scanning job. The `--user` flag causes project dependencies to be installed in the user directory. If you do not pass the `--user` option, packages are installed globally, and they are not scanned and don't show up when listing project dependencies.
#### Python (setuptools)
If you need to install Python packages before the analyzer runs, you should use `python setup.py install --user` in the `before_script` of the scanning job. The `--user` flag causes project dependencies to be installed in the user directory. If you do not pass the `--user` option, packages are installed globally, and they are not scanned and don't show up when listing project dependencies.
When using self-signed certificates for your private PyPi repository, no extra job configuration (aside When using self-signed certificates for your private PyPi repository, no extra job configuration (aside
from the template `.gitlab-ci.yml` above) is needed. However, you must update your `setup.py` to from the template `.gitlab-ci.yml` above) is needed. However, you must update your `setup.py` to
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment