Gemnasium dependency scanning and code quality failed

Question

i have the following gitlab-ci.yml snippet of the few first code and the test script

---
# Based on the Maven CI/CD template from GitLab: https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Maven.gitlab-ci.yml
variables:
  # `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work.
  MAVEN_OPTS: >-
    -Dhttps.protocols=TLSv1.2
    -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository
    -Dorg.slf4j.simpleLogger.showDateTime=true
    -Djava.awt.headless=true
  # As of Maven 3.3.0 instead of this you MAY define these options in `.mvn/maven.config` so the same config is used
  # when running from the command line.
  # As of Maven 3.6.1, the use of `--no-tranfer-progress` (or `-ntp`) suppresses download and upload messages. The use
  # of the `Slf4jMavenTransferListener` is no longer necessary.
  # `installAtEnd` and `deployAtEnd` are only effective with recent version of the corresponding plugins.
  MAVEN_CLI_OPTS: >-
    --batch-mode
    --errors
    --fail-at-end
    --show-version
    --no-transfer-progress
    -DinstallAtEnd=true
    -DdeployAtEnd=true

# TODO: Add and configure the following CI job templates into the CI/CD configuration:
#       - [Code Quality](https://docs.gitlab.com/ee/ci/testing/code_quality.html)
#       - [Dependency Scanning](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/)
#       - [Static Application Security Testing (SAST)](https://docs.gitlab.com/ee/user/application_security/sast/)
# Check the list of available CI job templates at https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates
include:
  - template: Jobs/Secret-Detection.gitlab-ci.yml
  - template: Workflows/Branch-Pipelines.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml
  - template: Jobs/SAST.gitlab-ci.yml
  - template: Code-Quality.gitlab-ci.yml

//some more code//
test:
  stage: test
  image: docker.io/library/maven:3.9.5-eclipse-temurin-17-focal
  services:
    - name: docker.io/library/postgres:14-alpine
      alias: database
  variables:
    SPRING_DATASOURCE_URL: jdbc:postgresql://database:5432/sitodo
    SPRING_DATASOURCE_USERNAME: sitodo
    SPRING_DATASOURCE_PASSWORD: sitodo_cicd
    POSTGRES_USER: sitodo
    POSTGRES_PASSWORD: sitodo_cicd
  needs:
    - build
  before_script:
    - apt-get update && apt-get install -y firefox
    - java -version && javac --version && mvn --version
    - pwd
  script:
    # Run test suites
    - mvn $MAVEN_CLI_OPTS clean test
    # Run PMD and generate test reports
    - mvn $MAVEN_CLI_OPTS verify -DskipTests
    # Get line coverage
    - grep -o "Total[^%]*%" target/site/jacoco/index.html
  coverage: '/Total.*?(\d{1,3})%/'
  cache:
    key:
      files:
        - pom.xml
    paths:
      - .m2/repository
  artifacts:
    paths:
      - target/*.exec
      - target/site/jacoco/
      - target/pmd.xml
      - target/site/pmd.html

    reports:
      junit:
        - target/surefire-reports/TEST-*.xml

///remaining code//

i have added the template needed to trigger dependency scanning job and code quality scanning job, however, it still generates error in pipeline for dependency scanning and code quality such as below

Uploading artifacts for failed job 00:02
Uploading artifacts...
WARNING: **/gl-sbom-*.cdx.json: no matching files. Ensure that the artifact path is relative to the working directory (/builds/heidi.renata/test-automation-exercise) 
ERROR: No files to upload                          
Uploading artifacts...
WARNING: gl-dependency-scanning-report.json: no matching files. Ensure that the artifact path is relative to the working directory (/builds/heidi.renata/test-automation-exercise) 
ERROR: No files to upload                          
Cleaning up project directory and file based variables 00:00
ERROR: Job failed: exit code 1

the job also still failed i have try to modify my .yml file but it seems i still do it incorrectly, what should i do?