Configure SAST in .gitlab-ci.yml, creating this file if it does not already exist

Phil 2022-01-07 20:25:28 +01:00
parent 6c69d3aae7
commit 33a4a36ee4


@ -1,13 +1,15 @@
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
variables:
REPO_NAME: git.ucode.space/Phil/goshorly
DOCKER_BUILDKIT: 1
stages:
- test
- build
format:
image: golang:latest
stage: test
@ -19,7 +21,6 @@ format:
- go fmt $(go list ./... | grep -v /vendor/)
- go vet $(go list ./... | grep -v /vendor/)
- go test -race $(go list ./... | grep -v /vendor/)
gosec:
image: golang:latest
before_script:
@ -30,7 +31,6 @@ gosec:
- go install github.com/securego/gosec/v2/cmd/gosec@latest
- go get -v -d .
- gosec ./...
docker-build-prod-latest:
image: ezkrg/buildx
stage: build
@ -48,7 +48,6 @@ docker-build-prod-latest:
.
only:
- main
docker-build-MR-dry-run:
image: docker:latest
stage: build
@ -66,3 +65,7 @@ docker-build-MR-dry-run:
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
only:
- merge_requests
sast:
stage: test
include:
- template: Security/SAST.gitlab-ci.yml
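Review bot: The jobs pulled in by `- template: Security/SAST.gitlab-ci.yml` at the end of the file are, as far as I know, report-only: the template marks its analyzer jobs `allow_failure: true` and publishes findings as a `gl-sast-report.json` report artifact, so a finding will not stop `docker-build-prod-latest` from building `main`. The existing `gosec ./...` step is then the only check visible here that can fail the pipeline on a finding (unless that job sets `allow_failure` on lines outside these hunks), so it should not be removed later as a duplicate of SAST. I would record that above the include, e.g. `# SAST template jobs do not fail the pipeline on findings; gosec remains the blocking check`. The `sast:` override itself only sets `stage: test`, which I believe is already the template's default, so it changes nothing as written.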