Merge branch 'set-sast-config-1' into 'master'

Set .gitlab-ci.yml to enable or configure SAST

See merge request erichardson/py-eagle-mqtt!1

.gitlab-ci.yml

@@ -1,65 +1,66 @@
-image: docker:18.09.7-dind
+# You can override the included template(s) by including variable overrides
-services:
+# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
-  - docker:18.09.7-dind
+# Note that environment variables can be set in several places
-variables:
+# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables
-  DOCKER_DRIVER: overlay
-  DOCKER_HOST: tcp://localhost:2375/
-  IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
-  FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
 
 stages:
-  - build
+- test
-  - push_local
+- build
-  - push_dockerhub
+- push_local
+- push_dockerhub
 
-before_script:
+.docker_base:
-  - docker version
+  image: docker:18.09.7-dind
-  - docker info
+  services:
-  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+    - docker:18.09.7-dind
+  variables:
+    DOCKER_DRIVER: overlay
+    DOCKER_HOST: tcp://localhost:2375/
+    IMAGE_TAG: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
+    FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
+  before_script:
+    - docker version
+    - docker info
+    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
 
 build:
+  extends:
+    - .docker_base
   stage: build
-  #  image: docker:18.09.7-dind
-  #  services:
-          #    - docker:18.09.7-dind
-      #  variables:
-      #    DOCKER_DRIVER: overlay
-      #    DOCKER_HOST: tcp://localhost:2375/
-      #    IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
-      #    FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
-      #  before_script:
-      #    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
   script:
-    - docker build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
+  - docker build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
-    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+  - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-      #- docker login registry.evanrichardsonphotography.com
-      #- docker build -t registry.evanrichardsonphotography.com/erichardson/py-eagle-mqtt ./Docker/
-      #- docker push registry.evanrichardsonphotography.com/erichardson/py-eagle-mqtt
-    #- ls 
-    #- docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" ./Docker/
-    #- docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
 
 push local:
+  extends:
+    - .docker_base
   stage: push_local
   variables:
     GIT_STRATEGY: none
   only:
-    - master
+  - master
   script:
-    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
+  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
-    - docker push $CI_REGISTRY_IMAGE:latest
+  - docker push $CI_REGISTRY_IMAGE:latest
 
 push dockerhub:
+  extends:
+    - .docker_base
   stage: push_dockerhub
   variables:
     GIT_STRATEGY: none
-    CI_DOCKERHUB_IMAGE: "index.docker.io/evanrich/py-eagle-mqtt"
+    CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
-    CI_DOCKERHUB_REGISTRY: "docker.io"
+    CI_DOCKERHUB_REGISTRY: docker.io
   only:
-    - master
+  - master
   script:
-    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
+  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
-    - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
+  - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
-    - docker push $CI_DOCKERHUB_IMAGE:latest
+  - docker push $CI_DOCKERHUB_IMAGE:latest
+  
+sast:
+  stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml