From f1e0ab2450fac9b1ad396b0b0b3bb8d8094be9c5 Mon Sep 17 00:00:00 2001
From: Matthias Langhard
Date: Wed, 3 Nov 2021 15:04:57 +0000
Subject: [PATCH] Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist
---
 .gitlab-ci.yml | 30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 40e0dfe..1b5a92a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,24 +1,32 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 stages:
- - test
- - publish
-
+- test
+- publish
 running tests for tag:
 only:
- - /^\d*.\d*.\d*$/ # gets triggered if the commit tag is in the form n.n.n where n is any number
+ - "/^\\d*.\\d*.\\d*$/"
 tags:
- - shared
+ - shared
 image: mcr.microsoft.com/dotnet/core/sdk:3.1
 stage: test
 script:
- - dotnet test ./tests
-
+ - dotnet test ./tests
 publish to nuget:
 tags:
- - shared
+ - shared
 only:
- - /^\d*.\d*.\d*$/ # gets triggered if the commit tag is in the form n.n.n where n is any number
+ - "/^\\d*.\\d*.\\d*$/"
 image: mcr.microsoft.com/dotnet/core/sdk:3.1
 stage: publish
 script:
- - dotnet pack src -o ./packaged
- - dotnet nuget push ./packaged/*.nupkg -k $NUGET_API_KEY -s https://api.nuget.org/v3/index.json
+ - dotnet pack src -o ./packaged
+ - dotnet nuget push ./packaged/*.nupkg -k $NUGET_API_KEY -s https://api.nuget.org/v3/index.json
+sast:
+ stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml
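Review bot: The re-quoted `only:` pattern `"/^\\d*.\\d*.\\d*$/"` on both `running tests for tag` and `publish to nuget` is looser than the n.n.n form the removed comment described: the dots are unescaped and `\d*` accepts an empty run of digits, so refs that are not version numbers also match. An `only:` regex is evaluated against branch names as well as tags, so the job that passes `$NUGET_API_KEY` to `dotnet nuget push` can run for more refs than release tags. Tightening the entry to `- '/^\d+\.\d+\.\d+$/'` and adding `except: [branches]` to the publish job would restrict it to version tags; whether `NUGET_API_KEY` is configured as a protected, masked variable is not visible here and is worth confirming. The rewrite also dropped the `# gets triggered if the commit tag is in the form n.n.n where n is any number` comment, which should be restored above each pattern.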