Commit e138c828 authored by Evan Read

Merge branch 'stkerr-update-pipeline-inclusion-in-docs' into 'master'

Update a sentence about automatic pipeline inclusion

See merge request gitlab-org/gitlab!84593
parents 876b683c e7ae3bdd
...@@ -89,15 +89,11 @@ read-only view to discourage this behavior. ...@@ -89,15 +89,11 @@ read-only view to discourage this behavior.
Compliance framework pipelines allow group owners to define Compliance framework pipelines allow group owners to define
a compliance pipeline in a separate repository that gets a compliance pipeline in a separate repository that gets
executed in place of the local project's `gitlab-ci.yml` file. As part of this pipeline, an executed in place of the local project's `gitlab-ci.yml` file. As part of this pipeline, an
`include` statement can reference the local project's `gitlab-ci.yml` file. This way, the two CI `include` statement can reference the local project's `gitlab-ci.yml` file. This way, the compliance
files are merged together any time the pipeline runs. Jobs and variables defined in the compliance pipeline jobs can run alongside the project-specific jobs any time the pipeline runs.
Jobs and variables defined in the compliance
pipeline can't be changed by variables in the local project's `gitlab-ci.yml` file. pipeline can't be changed by variables in the local project's `gitlab-ci.yml` file.
When used to enforce scan execution, this feature has some overlap with [scan execution policies](../../application_security/policies/scan-execution-policies.md),
as we have not [unified the user experience for these two features](https://gitlab.com/groups/gitlab-org/-/epics/7312).
For details on the similarities and differences between these features, see
[Enforce scan execution](../../application_security/#enforce-scan-execution).
When you set up the compliance framework, use the **Compliance pipeline configuration** box to link When you set up the compliance framework, use the **Compliance pipeline configuration** box to link
the compliance framework to specific CI/CD configuration. Use the the compliance framework to specific CI/CD configuration. Use the
`path/file.y[a]ml@group-name/project-name` format. For example: `path/file.y[a]ml@group-name/project-name` format. For example:
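Review bot: The reworded sentence ("the compliance pipeline jobs can run alongside the project-specific jobs any time the pipeline runs") leaves it unclear whether the project's jobs are guaranteed to run. The paragraph says the compliance configuration is executed in place of the local file and that an `include` statement "can" reference it, so project jobs run only when the compliance configuration actually contains that `include`. Consider saying so directly, for example: "When the compliance configuration includes the project's file, the compliance jobs run alongside the project-specific jobs each time the pipeline runs." While this paragraph is being touched, the file name is written as `gitlab-ci.yml` in three places; the project file is `.gitlab-ci.yml`, with a leading dot.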
...@@ -185,6 +181,11 @@ include: # Execute individual project's configuration (if project contains .git ...@@ -185,6 +181,11 @@ include: # Execute individual project's configuration (if project contains .git
ref: '$CI_COMMIT_REF_NAME' # Must be defined or MR pipelines always use the use default branch ref: '$CI_COMMIT_REF_NAME' # Must be defined or MR pipelines always use the use default branch
``` ```
When used to enforce scan execution, this feature has some overlap with [scan execution policies](../../application_security/policies/scan-execution-policies.md),
as we have not [unified the user experience for these two features](https://gitlab.com/groups/gitlab-org/-/epics/7312).
For details on the similarities and differences between these features, see
[Enforce scan execution](../../application_security/#enforce-scan-execution).
##### Ensure compliance jobs are always run ##### Ensure compliance jobs are always run
Compliance pipelines use GitLab CI/CD to give you an incredible amount of flexibility Compliance pipelines use GitLab CI/CD to give you an incredible amount of flexibility
......
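Review bot: The relocated paragraph keeps the first-person, time-bound wording "as we have not unified the user experience for these two features", which will go stale once the linked epic closes. A neutral statement of the overlap, with the epic link kept for tracking, would age better. The paragraph now sits directly after the closing code fence and immediately before the "Ensure compliance jobs are always run" heading, so check that blank lines separate it from both or it may not render as its own paragraph. Separately, the YAML comment in the context line above reads "always use the use default branch"; the doubled "use" could be fixed in the same change.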