Merge branch 'set-sast-config-1' into 'main'

Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist

See merge request novaloop-oss/novaloop.bexioapi!1

.gitlab-ci.yml

@@ -1,22 +1,30 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 stages:
-  - test
+- test
-  - publish
+- publish
-
 running tests for tag:
   tags:
-    - shared
+  - shared
   image: mcr.microsoft.com/dotnet/core/sdk:3.1
   stage: test
   script:
-    - dotnet test ./tests
+  - dotnet test ./tests
-
 publish to nuget:
   tags:
-    - shared
+  - shared
   only:
-    - /^\d*.\d*.\d*$/ # gets triggered if the commit tag is in the form n.n.n where n is any number
+  - "/^\\d*.\\d*.\\d*$/"
   image: mcr.microsoft.com/dotnet/core/sdk:3.1
   stage: publish
   script:
-    - dotnet pack src -o ./packaged
+  - dotnet pack src -o ./packaged
-    - dotnet nuget push ./packaged/*.nupkg -k $NUGET_API_KEY -s https://api.nuget.org/v3/index.json
+  - dotnet nuget push ./packaged/*.nupkg -k $NUGET_API_KEY -s https://api.nuget.org/v3/index.json
+sast:
+  stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml