From 22fc27c4b98cb3c003c9dd7d83875a481ffe83be Mon Sep 17 00:00:00 2001
From: Daya Adianto <dayaadianto@cs.ui.ac.id>
Date: Thu, 4 Feb 2021 12:39:57 +0700
Subject: [PATCH] Ignore CVE present in one of build dependency

---
 .gitlab-ci.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 750701a..95ae5a6 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -27,12 +27,12 @@ check:
     - allow_failure: true
   script:
     - pipenv check
+      --ignore 39462
+  # Ignore CVE #39462 until next version of Tornado and/or Python.
+  # See discussion at https://github.com/tornadoweb/tornado/issues/2981.
 
 build:artifact:
   stage: package
-  rules:
-    - if: $CI_MERGE_REQUEST_IID
-      when: never
   script:
     - pipenv run mkdocs build
   artifacts:
@@ -49,9 +49,6 @@ build:image:
     REGISTRY_USERNAME: $CSUI_REGISTRY_USERNAME
     REGISTRY_PASSWORD: $CSUI_REGISTRY_PASSWORD
     IMAGE_TAG: latest
-  rules:
-    - if: $CI_MERGE_REQUEST_IID
-      when: never
   before_script:
     - export REGISTRY_AUTH=$(printf $REGISTRY_USERNAME:$REGISTRY_PASSWORD | base64)
     - printf "{\"auths\":{\"$REGISTRY_SERVER\":{\"auth\":\"$REGISTRY_AUTH\"}}}" > /kaniko/.docker/config.json
-- 
GitLab