File tree 1 file changed +22
-0
lines changed
1 file changed +22
-0
lines changed Original file line number Diff line number Diff line change 77 file :
88 - ' /templates/.buildkit.yml'
99 - ' /templates/.secret-detection.yml'
10+ - template : Security/SAST.gitlab-ci.yml
1011
1112# Global --------------------------
1213
@@ -17,6 +18,7 @@ variables:
1718 XDG_CACHE_HOME : " ${CI_PROJECT_DIR}/.cache"
1819 POETRY_VIRTUALENVS_IN_PROJECT : " true"
1920 REQUESTS_CA_BUNDLE : " /etc/ssl/certs/ca-certificates.crt"
21+ GITLAB_ADVANCED_SAST_ENABLED : ' true'
2022
2123cache :
2224 key :
@@ -132,6 +134,26 @@ mypy_manual:
132134 rules :
133135 - if : $CI_PIPELINE_SOURCE != "schedule"
134136
137+ gitlab-advanced-sast :
138+ stage : check
139+ before_script :
140+ - ' '
141+ rules :
142+ - when : always
143+ variables :
144+ SAST_EXCLUDED_PATHS : ' $DEFAULT_SAST_EXCLUDED_PATHS'
145+ GIT_STRATEGY : clone
146+
147+ semgrep-sast :
148+ stage : check
149+ before_script :
150+ - ' '
151+ rules :
152+ - when : always
153+ variables :
154+ SAST_EXCLUDED_PATHS : ' $DEFAULT_SAST_EXCLUDED_PATHS'
155+ GIT_STRATEGY : clone
156+
135157# stage: build ----------------------
136158
137159package :
You can’t perform that action at this time.
0 commit comments