40 lines
751 B
YAML
40 lines
751 B
YAML
include:
|
|
- template: Code-Quality.gitlab-ci.yml
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
- template: Security/Dependency-Scanning.gitlab-ci.yml
|
|
- template: Security/DAST.gitlab-ci.yml
|
|
|
|
.reports:
|
|
extends:
|
|
- .default-retry
|
|
- .except-docs
|
|
|
|
code_quality:
|
|
extends: .reports
|
|
|
|
sast:
|
|
extends: .reports
|
|
variables:
|
|
SAST_BRAKEMAN_LEVEL: 2
|
|
SAST_EXCLUDED_PATHS: qa,spec,doc
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths:
|
|
- gl-sast-report.json
|
|
|
|
dependency_scanning:
|
|
extends: .reports
|
|
|
|
dast:
|
|
extends:
|
|
- .reports
|
|
- .review-only
|
|
stage: qa
|
|
dependencies: ["review-deploy"]
|
|
before_script:
|
|
- export DAST_WEBSITE="$(cat review_app_url.txt)"
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths:
|
|
- gl-dast-report.json
|