damage/JPushover11
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Configure Secret Detection in .gitlab-ci.yml, creating this file if it does not already exist

Browse Source
This commit is contained in:
Sven Kubiak 2022-06-28 10:14:04 +00:00
parent 42427e1905
commit b770feabdb
1 changed files with 19 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
.gitlab-ci.yml
View File

@ -1,32 +1,37 @@
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
image: maven:3.8.4-openjdk-17
stages:
- test
- sonar
- owasp
- test
- sonar
- owasp
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN
-Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true
-DdeployAtEnd=true"
cache:
paths:
- .m2/repository
- ".m2/repository"
owasp:
stage: owasp
script:
- mvn $MAVEN_CLI_OPTS -Denforcer.skip clean dependency-check:check
only:
- schedules
test:
stage: test
script: mvn $MAVEN_CLI_OPTS clean verify
sonar:
stage: sonar
script:
- mvn $MAVEN_CLI_OPTS clean verify sonar:sonar --settings settings.xml
script:
- mvn $MAVEN_CLI_OPTS clean verify sonar:sonar --settings settings.xml
only:
- master
include:
- template: Security/Secret-Detection.gitlab-ci.yml