Merge branch 'ci-enable-secret-detection' into 'master'

Enable Secret Detection and Dependency Scanning in CI See merge request !29

Merge branch 'ci-enable-secret-detection' into 'master'
162f61d5 · Bob Van Landuyt · f7e6a8bf · 0ba5d533 · 162f61d5
Commit 162f61d5 authored 4 years ago by Bob Van Landuyt
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+include:
+  - template: SAST.gitlab-ci.yml  # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+  - template: Security/Dependency-Scanning.gitlab-ci.yml # https://docs.gitlab.com/ee/user/application_security/dependency_scanning/
+  - template: Security/Secret-Detection.gitlab-ci.yml # https://docs.gitlab.com/ee/user/application_security/secret_detection/
+
 variables:
  LANG: "C.UTF-8"

@@ -6,7 +11,7 @@ default:
    - gitlab-org

 workflow:
-  rules:
+  rules: &workflow_rules
    # For merge requests, create a pipeline.
    - if: '$CI_MERGE_REQUEST_IID'
    # For `master` branch, create a pipeline (this includes on schedules, pushes, merges, etc.).
@@ -102,5 +107,10 @@ ruby-27-du16:
    - .docutils-016
    - .specs

-include:
-  - template: SAST.gitlab-ci.yml  # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+# Dependency Scanning
+gemnasium-dependency_scanning:
+  rules: *workflow_rules
+
+# Secret Detection
+secret_detection:
+  rules: *workflow_rules