secondhemd/shbot
2
1
Fork 0
Code Issues Pull requests Projects Packages 1 Wiki Activity

Revert "Configure SAST in .gitlab-ci.yml, creating this file if it does not already exist"

Browse source 
This reverts commit c83161731b.
This commit is contained in:
Aaron Riedel 2022-03-07 11:49:45 +01:00
parent 90e5e78149
commit 6a7a0c6485
Signed by: aaron
GPG key ID: 643004654D40D577
1 changed files with 41 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
.gitlab-ci.yml
View file

@ -1,33 +1,20 @@
# You can override the included template(s) by including variable overrides stages: # List of stages for jobs, and their order of execution
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings - build
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings - test
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings - deploy
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
stages:
- build
- test
- deploy
- review
- dast
- staging
- canary
- production
- incremental rollout 10%
- incremental rollout 25%
- incremental rollout 50%
- incremental rollout 100%
- performance
- cleanup
image: debian image: debian
docker-build-push: docker-build-push:
# Use the official docker image.
image: docker:latest image: docker:latest
stage: build stage: build
services: services:
- docker:dind - docker:dind
before_script: before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
# Default branch leaves tag empty (= latest tag)
# All other branches are tagged with the escaped branch name (commit ref slug)
script: script:
- | - |
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
@ -42,6 +29,7 @@ docker-build-push:
only: only:
- master - master
- dev - dev
docker-build: docker-build:
image: docker:latest image: docker:latest
stage: build stage: build
@ -54,21 +42,20 @@ docker-build:
except: except:
- master - master
- dev - dev
before_script: before_script:
- apt-get update -qq - apt-get update -qq
- which ssh-agent || ( apt-get install -qq openssh-client ) # Setup SSH deploy keys
- eval $(ssh-agent -s) - 'which ssh-agent || ( apt-get install -qq openssh-client )'
- ssh-add <(echo "$SSH_PRIVATE_KEY") - eval $(ssh-agent -s)
- mkdir -p ~/.ssh - ssh-add <(echo "$SSH_PRIVATE_KEY")
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config' - mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
deploy_staging: deploy_staging:
stage: deploy stage: deploy
script: script:
- ssh $SSH_SERVER "cd /root && docker-compose pull shbot && docker-compose up -d - ssh $SSH_SERVER "cd /root && docker-compose pull shbot && docker-compose up -d shbot && exit"
shbot && exit"
only: only:
- master - master
sast:
stage: test
include:
- template: Auto-DevOps.gitlab-ci.yml