Set .gitlab-ci.yml to enable or configure SAST

.gitlab-ci.yml

@@ -1,65 +1,53 @@
+# You can override the included template(s) by including variable overrides
+# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables
 image: docker:18.09.7-dind
 services:
-  - docker:18.09.7-dind
+- docker:18.09.7-dind
 variables:
   DOCKER_DRIVER: overlay
   DOCKER_HOST: tcp://localhost:2375/
-  IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
+  IMAGE_TAG: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
   FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
-
 stages:
-  - build
+- build
-  - push_local
+- push_local
-  - push_dockerhub
+- push_dockerhub
-
+- test
 before_script:
-  - docker version
+- docker version
-  - docker info
+- docker info
-  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
-
 build:
   stage: build
-  #  image: docker:18.09.7-dind
-  #  services:
-          #    - docker:18.09.7-dind
-      #  variables:
-      #    DOCKER_DRIVER: overlay
-      #    DOCKER_HOST: tcp://localhost:2375/
-      #    IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
-      #    FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
-      #  before_script:
-      #    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
   script:
-    - docker build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
+  - docker build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA ./Docker/
-    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+  - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-      #- docker login registry.evanrichardsonphotography.com
-      #- docker build -t registry.evanrichardsonphotography.com/erichardson/py-eagle-mqtt ./Docker/
-      #- docker push registry.evanrichardsonphotography.com/erichardson/py-eagle-mqtt
-    #- ls 
-    #- docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" ./Docker/
-    #- docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
-
 push local:
   stage: push_local
   variables:
     GIT_STRATEGY: none
   only:
-    - master
+  - master
   script:
-    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
+  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
-    - docker push $CI_REGISTRY_IMAGE:latest
+  - docker push $CI_REGISTRY_IMAGE:latest
-
 push dockerhub:
   stage: push_dockerhub
   variables:
     GIT_STRATEGY: none
-    CI_DOCKERHUB_IMAGE: "index.docker.io/evanrich/py-eagle-mqtt"
+    CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
-    CI_DOCKERHUB_REGISTRY: "docker.io"
+    CI_DOCKERHUB_REGISTRY: docker.io
   only:
-    - master
+  - master
   script:
-    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
+  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
-    - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
+  - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
-    - docker push $CI_DOCKERHUB_IMAGE:latest
+  - docker push $CI_DOCKERHUB_IMAGE:latest
+sast:
+  stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml