blob: 5622cd232ca224fc9161963e91632c3040fb402b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
include:
- template: Code-Quality.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/DAST.gitlab-ci.yml
.reports:
extends:
- .default-retry
- .except-docs
code_quality:
extends: .reports
sast:
extends: .reports
variables:
SAST_BRAKEMAN_LEVEL: 2
SAST_EXCLUDED_PATHS: qa,spec,doc
artifacts:
expire_in: 7 days
paths:
- gl-sast-report.json
dependency_scanning:
extends: .reports
dast:
extends:
- .reports
- .review-only
stage: qa
dependencies: ["review-deploy"]
before_script:
- export DAST_WEBSITE="$(cat review_app_url.txt)"
artifacts:
expire_in: 7 days
paths:
- gl-dast-report.json
|