Commit e837d5a0 authored by Suzanne Selhorn's avatar Suzanne Selhorn

Merge branch 'docs-remove-gemnasium' into 'master'

Remove Gemnasium doc

See merge request gitlab-org/gitlab!60866
parents 6b180506 d19c2e23
---
type: reference, howto
stage: Manage
group: Import
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
redirect_to: 'index.md'
---
# Gemnasium **(ULTIMATE)**
This document was deleted.
This guide describes how to migrate from Gemnasium.com to your own GitLab
instance or GitLab.com.
## Why is Gemnasium.com closed?
Gemnasium was [acquired by GitLab](https://about.gitlab.com/press/releases/2018-01-30-gemnasium-acquisition.html)
in January 2018. Since May 15, 2018, the services provided by Gemnasium are no longer available.
The team behind Gemnasium has joined GitLab as the new Security Products team
and is working on a [wide range of tools](../../application_security/index.md),
including:
- [Dependency Scanning](../../application_security/dependency_scanning/index.md)
- [SAST](../../application_security/sast/index.md)
- [DAST](../../application_security/dast/index.md)
- [Container Scanning](../../application_security/container_scanning/index.md)
If you want to continue monitoring your dependencies, see the
[Migrating to GitLab](#migrating-to-gitlab) section below.
## What happened to my account?
Your account has been automatically closed on May 15th, 2018. If you had a paid
subscription at that time, your card will be refunded on a
<!-- vale gitlab.Spelling = NO --> pro rata temporis <!-- vale gitlab.Spelling = YES --> basis.
You may contact `gemnasium@gitlab.com` regarding your closed account.
## Are my account/data transferred to GitLab Inc.?
All accounts and data have been deleted on May 15th, 2018. GitLab Inc.
doesn't know anything about your private data, nor your projects, and therefore
if they were vulnerable or not. GitLab Inc. takes personal information very seriously.
## What happened to my badge?
To avoid broken 404 images, all badges pointing to Gemnasium.com are a
placeholder, inviting you to migrate to GitLab (and pointing to this page).
## Migrating to GitLab
Gemnasium has been ported and integrated directly into GitLab CI/CD.
You can still benefit from our dependency monitoring features, and it requires
some steps to migrate your projects. There is no automatic import since GitLab
doesn't know anything about any projects which existed on Gemnasium.com.
Security features are free for public (open-source) projects hosted on GitLab.com.
### If your project is hosted on GitLab (`https://gitlab.com` / self-managed)
You're almost set! If you're already using
[Auto DevOps](../../../topics/autodevops/), you are already covered.
Otherwise, you must configure your `.gitlab-ci.yml` according to the
[dependency scanning page](../../application_security/dependency_scanning/index.md).
### If your project is hosted on GitHub (`https://github.com` / GitHub Enterprise)
Since [GitLab 10.6 comes with GitHub integration](https://about.gitlab.com/solutions/github/),
GitLab users can now create a CI/CD project in GitLab connected to an external
GitHub.com or GitHub Enterprise repository. This will automatically prompt
GitLab CI/CD to run whenever code is pushed to GitHub and post CI/CD results
back to both GitLab and GitHub when completed.
<!-- vale gitlab.Spelling = NO -->
1. Create a new project, and select **CI/CD for external repository**:
![Create new Project](img/gemnasium/create_project_v13_5.png)
<!-- vale gitlab.Spelling = YES -->
1. Use the **GitHub** button to connect your repositories.
![Connect from GitHub](img/gemnasium/connect_github_v13_5.png)
1. Select the project(s) to be set up with GitLab CI/CD and choose **Connect**.
![Select projects](img/gemnasium/select_project_v13_5.png)
After the configuration is done, you may click on your new
project on GitLab.
![click on connected project](img/gemnasium/project_connected.png)
Your project is now mirrored on GitLab, where the runners are able to access
your source code and run your tests.
Optional step: If you set this up on GitLab.com, make sure the project is
public (in the project settings) if your GitHub project is public, since
the security feature is available only for [GitLab Ultimate](https://about.gitlab.com/pricing/).
1. To set up the dependency scanning job, corresponding to what Gemnasium was
doing, you must create a `.gitlab-ci.yml` file, or update it according to
the [dependency scanning docs](../../application_security/dependency_scanning/index.md).
The mirroring is pull-only by default, so you may create or update the file on
GitHub:
![Edit YAML file](img/gemnasium/edit_gitlab-ci.png)
1. Once your file has been committed, a new pipeline automatically
triggers if your file is valid:
![pipeline](img/gemnasium/pipeline.png)
1. The result of the job is visible directly from the pipeline view:
![Security Dashboard](../../application_security/security_dashboard/img/pipeline_security_dashboard_v13_3.png)
NOTE:
If you don't commit very often to your project, you may want to use
[scheduled pipelines](../../../ci/pipelines/schedules.md) to run the job on a regular
basis.
<!-- This redirect file can be deleted after <2021-08-15>. -->
<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file
......@@ -20,7 +20,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w
1. [From TFVC](tfvc.md)
1. [From repository by URL](repo_by_url.md)
1. [By uploading a manifest file (AOSP)](manifest.md)
1. [From Gemnasium](gemnasium.md)
1. [From Phabricator](phabricator.md)
1. [From Jira (issues only)](jira.md)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment