From 98a14cccad0768841a87ed8801286ff1c62b1c6f Mon Sep 17 00:00:00 2001
From: Douglas Raillard <douglas.raillard@arm.com>
Date: Tue, 6 Feb 2024 16:59:22 +0000
Subject: [PATCH] .gitlab-ci.yml: Use pip-audit in autobranch

Make the autobranch job fail if there is any vulnerability detected in
installed Python packages
---
 .gitlab-ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f9579b67b..3cd2f7d10 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -127,7 +127,8 @@ Autobranch:
       venv=$(mktemp -d)
       lisa_python -m venv "$venv" && source "$venv/bin/activate"
       lisa_python -m pip install --upgrade pip
-      lisa_python -m pip install ./tools/lisa-combine-gitlab-mr
+      lisa_python -m pip install pip-audit ./tools/lisa-combine-gitlab-mr
+      pip-audit || exit 1
 
       function update_branch() {
           local label=$1
-- 
GitLab