From b9fcf34558592b1df3e4fc7a647d3477d7e4edae Mon Sep 17 00:00:00 2001
From: tdruez
Date: Tue, 28 Oct 2025 12:37:20 +0400
Subject: [PATCH 1/2] Add support for GitLab CI/CD
Signed-off-by: tdruez
---
README.md | 15 ++++++-
gitlab/.gitlab-ci.yml | 33 ++++++++++++++
gitlab/README.md | 100 ++++++++++++++++++++++++++++++++++++++++++
jenkins/README.md | 2 +-
4 files changed, 147 insertions(+), 3 deletions(-)
create mode 100644 gitlab/.gitlab-ci.yml
create mode 100644 gitlab/README.md
diff --git a/README.md b/README.md
index 572f67f..89c154b 100644
--- a/README.md
+++ b/README.md
@@ -3,8 +3,19 @@ Run [ScanCode.io](https://github.com/aboutcode-org/scancode.io) pipelines directly from your **GitHub Workflows**. -For **Azure DevOps Pipelines** support and setup instructions, see the -[Azure Pipelines documentation](https://github.com/aboutcode-org/scancode-action/blob/main/azure-pipelines/README.md). +# `@aboutcode-org/scancode-action` + +Run [ScanCode.io](https://github.com/aboutcode-org/scancode.io) pipelines directly +from your **GitHub Workflows**. + +## Supported Platforms + +| Platform | Documentation | +|----------|---------------| +| **GitHub Actions** | See [GitHub Actions documentation](https://github.com/aboutcode-org/scancode-action/blob/main/README.md) | +| **GitLab CI/CD** | See [GitLab documentation](https://github.com/aboutcode-org/scancode-action/blob/main/gitlab/README.md) | +| **Jenkins** | See [Jenkins documentation](https://github.com/aboutcode-org/scancode-action/blob/main/jenkins/README.md) | +| **Azure Pipelines** | See [Azure Pipelines documentation](https://github.com/aboutcode-org/scancode-action/blob/main/azure-pipelines/README.md) | > [!IMPORTANT] > The scancode-action is currently in the **beta stage**, and we invite you to
diff --git a/gitlab/.gitlab-ci.yml b/gitlab/.gitlab-ci.yml
new file mode 100644
index 0000000..f4cdbdd
--- /dev/null
+++ b/gitlab/.gitlab-ci.yml
@@ -0,0 +1,33 @@
+# GitLab CI/CD Pipeline with ScanCode.io Integration
+
+stages:
+ - scan
+
+# ScanCode.io Scan Job
+scancode_scan:
+ stage: scan
+ image: docker:latest
+ services:
+ - docker:dind
+ variables:
+ DOCKER_DRIVER: overlay2
+ DOCKER_TLS_CERTDIR: "/certs"
+ script:
+ - echo "Running ScanCode.io scan..."
+
+ # Run the scan and save results
+ - |
+ docker run --rm \
+ -v "$(pwd)":/codedrop \
+ ghcr.io/aboutcode-org/scancode.io:latest \
+ run scan_codebase /codedrop \
+ > scancode_results.json
+
+ - echo "Scan completed!"
+
+ artifacts:
+ name: "scancode-results-${CI_COMMIT_SHORT_SHA}"
+ paths:
+ - scancode_results.json
+ expire_in: 30 days
+ when: always
diff --git a/gitlab/README.md b/gitlab/README.md
new file mode 100644
index 0000000..3e47387
--- /dev/null
+++ b/gitlab/README.md
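Review bot: All three images in `scancode_scan` are pulled by a mutable tag (`image: docker:latest`, the `docker:dind` service, and `ghcr.io/aboutcode-org/scancode.io:latest` in the `docker run` step), so a changed upstream image would run against the mounted checkout on the next pipeline without any change in this repository. Pin each to a release tag or, better, a digest, for example `image: docker:<PINNED_VERSION>`, `- docker:<PINNED_VERSION>-dind` and `ghcr.io/aboutcode-org/scancode.io@sha256:<DIGEST>` (placeholders, to be filled with the versions the project tests against). The same snippet is copied into `gitlab/README.md` in this patch and should be pinned there as well, since that is the copy users will paste. Separately, `docker:dind` needs a runner in privileged mode, so a comment above `services:` such as `# requires a runner with privileged = true; prefer a dedicated runner for this job` would tell adopters what they are enabling.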
@@ -0,0 +1,100 @@
+# ScanCode.io GitLab CI/CD Integration
+
+Run [ScanCode.io](https://github.com/aboutcode-org/scancode.io) into your GitLab CI/CD
+pipeline.
+
+- [Overview](#overview)
+- [Quick Start](#quick-start)
+- [Simple Example](#simple-example)
+- [Specify Pipeline](#specify-pipeline)
+- [Additional Resources](#additional-resources)
+
+---
+
+## Overview
+
+This integration allows you to automatically scan your code as part of your GitLab
+pipeline:
+
+- Scans your entire codebase using ScanCode.io
+- Generates a comprehensive JSON report
+- Archives the results as GitLab pipeline artifacts
+- Runs automatically on every build
+
+## Quick Start
+
+### Step 1: Create a .gitlab-ci.yml file
+
+Create a file named `.gitlab-ci.yml` in the root of your repository with the following
+content:
+
+```yaml
+# GitLab CI/CD Pipeline with ScanCode.io Integration
+
+stages:
+ - scan
+
+# ScanCode.io Scan Job
+scancode_scan:
+ stage: scan
+ image: docker:latest
+ services:
+ - docker:dind
+ variables:
+ DOCKER_DRIVER: overlay2
+ DOCKER_TLS_CERTDIR: "/certs"
+ script:
+ - echo "Running ScanCode.io scan..."
+
+ # Run the scan and save results
+ - |
+ docker run --rm \
+ -v "$(pwd)":/codedrop \
+ ghcr.io/aboutcode-org/scancode.io:latest \
+ run scan_codebase /codedrop \
+ > scancode_results.json
+
+ - echo "Scan completed!"
+
+ artifacts:
+ name: "scancode-results-${CI_COMMIT_SHORT_SHA}"
+ paths:
+ - scancode_results.json
+ expire_in: 30 days
+ when: always
+```
+
+### Step 2: Access Your Results
+
+After the pipeline completes:
+1. Go to your pipeline page
+2. Click on the job name (`scancode_scan`)
+3. On the right sidebar, click "Browse" under "Job artifacts"
+4. Download `scancode_results.json`
+
+Or download directly from the pipeline page using the download button.
+
+## Specify Pipeline
+
+Instead of `scan_codebase`, you can use other ScanCode.io pipelines:
+
+- `scan_single_package` - For scanning a single package
+- `analyse_docker_image` - For scanning Docker images
+- `load_inventory` - For loading existing scan data
+
+Example with a different pipeline:
+```yaml
+script:
+ - |
+ docker run --rm \
+ -v "$(pwd)":/codedrop \
+ ghcr.io/aboutcode-org/scancode.io:latest \
+ run analyse_docker_image docker://alpine:3.22.1 \
+ > scancode_results.json
+```
+
+## Additional Resources
+
+- **ScanCode.io Documentation:** https://scancodeio.readthedocs.io/
+- **ScanCode.io GitHub:** https://github.com/aboutcode-org/scancode.io
+- **GitLab CI/CD Documentation:** https://docs.gitlab.com/ee/ci/
diff --git a/jenkins/README.md b/jenkins/README.md
index 6a5858d..e5c8139 100644
--- a/jenkins/README.md
+++ b/jenkins/README.md
@@ -76,7 +76,7 @@ pipeline { } ``` -### Step 3: Access Your Results +### Step 2: Access Your Results After the build completes: 1. Go to the build page
From d474515602d371b178f35e902d0d9043c348da46 Mon Sep 17 00:00:00 2001
From: tdruez
Date: Tue, 28 Oct 2025 12:44:33 +0400
Subject: [PATCH 2/2] Remove duplication
Signed-off-by: tdruez
---
README.md | 5 -----
gitlab/README.md | 1 -
2 files changed, 6 deletions(-)
diff --git a/README.md b/README.md
index 89c154b..44ba969 100644
--- a/README.md
+++ b/README.md
@@ -3,11 +3,6 @@ Run [ScanCode.io](https://github.com/aboutcode-org/scancode.io) pipelines directly from your **GitHub Workflows**. -# `@aboutcode-org/scancode-action` - -Run [ScanCode.io](https://github.com/aboutcode-org/scancode.io) pipelines directly -from your **GitHub Workflows**. - ## Supported Platforms | Platform | Documentation |
diff --git a/gitlab/README.md b/gitlab/README.md
index 3e47387..3914c54 100644
--- a/gitlab/README.md
+++ b/gitlab/README.md
@@ -5,7 +5,6 @@ pipeline. - [Overview](#overview) - [Quick Start](#quick-start) -- [Simple Example](#simple-example) - [Specify Pipeline](#specify-pipeline) - [Additional Resources](#additional-resources)