# You can override the included template(s) by including variable overrides # SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings # Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization # Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings # Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings # Note that environment variables can be set in several places # See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence include: # include the component located in the current project from the current SHA - component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/sonarqube@$CI_COMMIT_SHA inputs: stage: build stages: [build, test, release] sast: stage: test rules: - if: $CI_COMMIT_TAG when: never - when: always include: - template: Security/SAST.gitlab-ci.yml ensure-job-added: stage: test tags: - docker rules: - if: $CI_COMMIT_TAG when: never - when: always image: badouralix/curl-jq script: - | route="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/jobs" count=`curl --header "PRIVATE-TOKEN: ${API_ACCESS}" --silent "$route" | jq 'map(select(.name | contains("sonarqube"))) | length'` echo curl --header "PRIVATE-TOKEN: ${API_ACCESS}" --silent "$route" if [ "$count" != "1" ]; then exit 1; else echo "Component Job present" fi # If the pipeline is for a new tag with a semantic version, and all previous jobs succeed, # create the release. create-release: stage: release image: registry.gitlab.com/gitlab-org/release-cli:latest tags: - docker script: echo "Creating release $CI_COMMIT_TAG" rules: - if: $CI_COMMIT_TAG release: tag_name: $CI_COMMIT_TAG description: "Release $CI_COMMIT_TAG of components repository $CI_PROJECT_PATH"