author | Javier Jardón <jjardon@gnome.org> | 2018-04-24 01:09:40 +0100 |
---|---|---|
committer | Javier Jardón <jjardon@gnome.org> | 2018-04-24 01:09:40 +0100 |
commit | 799559fd2ed67e380e1961111b011498a38f99bd (patch) | |
tree | 3f0ca14c5b557ab64a05ca41b7269e4166ddb903 | |
parent | caa52411c8039a19954b83d3bfa015c44a594661 (diff) | |
download | buildstream-799559fd2ed67e380e1961111b011498a38f99bd.tar.gz |
.gitlab-ci.yml: Add job to run Static Application Security Testing
-rw-r--r-- | .gitlab-ci.yml | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a7a462997..e586671cd 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -208,6 +208,23 @@ coverage:
 - tests-unix
 - source_dist
 
+sast:
+ image: docker:stable
+ variables:
+ DOCKER_DRIVER: overlay2
+ allow_failure: true
+ services:
+ - docker:stable-dind
+ script:
+ - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+ - docker run
+ --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+ --volume "$PWD:/code"
+ --volume /var/run/docker.sock:/var/run/docker.sock
+ "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+ artifacts:
+ paths: [gl-sast-report.json]
+
 # Deploy, only for merges which land on master branch.
 #
 pages: |
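Review bot: The `docker run` step mounts `/var/run/docker.sock` into an analyzer image chosen by a mutable tag (`sast:$SP_VERSION`, computed at run time from `$CI_SERVER_VERSION`), so whatever that tag resolves to on a given day gets control of the job's Docker daemon; the `docker:stable-dind` service presumably also requires a privileged runner. If tracking the server version is not essential, pinning by digest, e.g. `"registry.gitlab.com/gitlab-org/security-products/sast@sha256:<digest>"` (placeholder), would make the analyzer version reviewable; `docker:stable` and `docker:stable-dind` float in the same way. Separately, with `allow_failure: true` a bad `SP_VERSION` fails the pull without blocking anything, since the `sed` expression passes non-matching input through unchanged and an empty value yields an invalid image reference. In that case `gl-sast-report.json` is probably not uploaded either, unless `when: always` is added under `artifacts:`. A comment on the job such as `# advisory only: findings and scanner failures do not block the pipeline` would make that trade-off explicit.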