Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist

b10342a2 · Andrej Ramašeuski · e5c400e6 · b10342a2
Commit b10342a2 authored 3 years ago by Andrej Ramašeuski
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 image: docker:19.03.12
 variables:
  DOCKER_TLS_CERTDIR: "/certs"
  IMAGE_VER: 1.10.0
 services:
-  - docker:19.03.12-dind
+- docker:19.03.12-dind
 before_script:
-  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
 build:
  stage: build
  script:
-    - docker pull $CI_REGISTRY_IMAGE:latest || true
+  - docker pull $CI_REGISTRY_IMAGE:latest || true
-    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$IMAGE_VER --tag $CI_REGISTRY_IMAGE:latest .
+  - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$IMAGE_VER
-    - docker push $CI_REGISTRY_IMAGE:$IMAGE_VER
+    --tag $CI_REGISTRY_IMAGE:latest .
-    - docker push $CI_REGISTRY_IMAGE:latest
+  - docker push $CI_REGISTRY_IMAGE:$IMAGE_VER
+  - docker push $CI_REGISTRY_IMAGE:latest
+stages:
+- test
+sast:
+  stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml