Configure SAST in .gitlab-ci.yml
, creating this file if it does not already exist
This commit is contained in:
parent
6c69d3aae7
commit
33a4a36ee4
1 changed files with 45 additions and 42 deletions
|
@ -1,13 +1,15 @@
|
|||
|
||||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
variables:
|
||||
REPO_NAME: git.ucode.space/Phil/goshorly
|
||||
DOCKER_BUILDKIT: 1
|
||||
|
||||
|
||||
stages:
|
||||
- test
|
||||
- build
|
||||
|
||||
format:
|
||||
image: golang:latest
|
||||
stage: test
|
||||
|
@ -19,7 +21,6 @@ format:
|
|||
- go fmt $(go list ./... | grep -v /vendor/)
|
||||
- go vet $(go list ./... | grep -v /vendor/)
|
||||
- go test -race $(go list ./... | grep -v /vendor/)
|
||||
|
||||
gosec:
|
||||
image: golang:latest
|
||||
before_script:
|
||||
|
@ -30,7 +31,6 @@ gosec:
|
|||
- go install github.com/securego/gosec/v2/cmd/gosec@latest
|
||||
- go get -v -d .
|
||||
- gosec ./...
|
||||
|
||||
docker-build-prod-latest:
|
||||
image: ezkrg/buildx
|
||||
stage: build
|
||||
|
@ -48,7 +48,6 @@ docker-build-prod-latest:
|
|||
.
|
||||
only:
|
||||
- main
|
||||
|
||||
docker-build-MR-dry-run:
|
||||
image: docker:latest
|
||||
stage: build
|
||||
|
@ -66,3 +65,7 @@ docker-build-MR-dry-run:
|
|||
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
|
||||
only:
|
||||
- merge_requests
|
||||
sast:
|
||||
stage: test
|
||||
include:
|
||||
- template: Security/SAST.gitlab-ci.yml
|
||||
|
|
Loading…
Reference in a new issue