diff options
author | Michael Henriksen <mhenriksen@gitlab.com> | 2020-11-23 19:59:00 +0300 |
---|---|---|
committer | Paul Okstad <pokstad@gitlab.com> | 2020-11-23 19:59:00 +0300 |
commit | 716e4b0273f0c20845fada518b074f1e00a1fd46 (patch) | |
tree | 7bb1493384fabc3181eb7fa0ed39e27f6458b86f /.gitlab-ci.yml | |
parent | 885a33cc30598448df0691c3b2ab28fb9bb8009e (diff) |
Don't use alias reference for job rules
Referencing an alias for the job rules generated
an incompatible list, so I had to give up on
DRYing the rules.
Diffstat (limited to '.gitlab-ci.yml')
-rw-r--r-- | .gitlab-ci.yml | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d1ae8d83b..d48a457d0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -23,6 +23,7 @@ include: - template: Security/SAST.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/Coverage-Fuzzing.gitlab-ci.yml + - template: Security/Secret-Detection.gitlab-ci.yml danger-review: image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger @@ -230,14 +231,44 @@ docker-tag: gosec-sast: before_script: - apk add pkgconfig libgit2-dev gcc libc-dev + rules: + - if: $SAST_DISABLED + when: never + - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_MERGE_REQUEST_IID + - if: $CI_COMMIT_TAG license_scanning: before_script: - sudo apt-get update - sudo apt-get install -y libicu-dev libgit2-dev cmake + rules: + - if: $LICENSE_SCANNING_DISABLED + when: never + - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_MERGE_REQUEST_IID + - if: $CI_COMMIT_TAG variables: LICENSE_FINDER_CLI_OPTS: '--aggregate-paths=. ruby' +gemnasium-dependency_scanning: + rules: + - if: $DEPENDENCY_SCANNING_DISABLED + when: never + - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_MERGE_REQUEST_IID + - if: $CI_COMMIT_TAG + +secret_detection: + inherit: + default: false + rules: + - if: $SECRET_DETECTION_DISABLED + when: never + - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_MERGE_REQUEST_IID + - if: $CI_COMMIT_TAG + praefect_sql_connect: <<: *test_definition services: |