forked from SGL-UT/gnsstk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab.gs.mil-ci.yml
42 lines (37 loc) · 1.02 KB
/
.gitlab.gs.mil-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#.yml file for Gitlab-CI support
# Note that the following tokens must be supplied via the Gitlab Repository Settings:
# - TF_API_KEY: token used for fortify threadfix uploads
# - TF_APP_ID: id of project in threadfix mapped to fortify scans
include:
- project: 'IPF/sgl/ci-templates'
file: 'docker/build.yml'
- project: 'IPF/sgl/ci-templates'
file: 'docker/s3.yml'
- project: 'IPF/sgl/ci-templates'
file: 'python/wheel.yml'
- project: 'IPF/sgl/ci-templates'
file: 'pcf/deploy.yml'
- project: 'IPF/sgl/ci-templates'
file: 'scanning/fortify.yml'
- project: 'IPF/sgl/ci-templates'
file: 'scanning/container.yml'
- project: 'IPF/sgl/ci-templates'
file: 'scanning/dast.yml'
- template: SAST.gitlab-ci.yml
stages:
- Scan
Fortify:
extends: .fortify_scanning
stage: Scan
variables:
SCAN_PATH: "."
SCAN_ARGS: ''
only:
- main
sast:
stage: Scan
tags:
- standard
variables:
SAST_ANALYZER_IMAGE_PREFIX: "${CI_REGISTRY_IMAGE}/analyzers"
SAST_DISABLE_DIND: "true"