Commit 2cfc777e authored by Mmartorana's avatar Mmartorana
Browse files

Update .gitlab-ci.yml file

parent 9af01598
Pipeline #1516 failed with stage
# npm audit via security ci templates
include:
# test node10 auditjs template
# - https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/auditjs/node12/auditjs-nodejs-12-ci.yml
# test node10 npm-outdated template
# - https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/npm-outdated/nodejs10/npm-outdated-nodejs-10-ci.yml
# test node10 npm-audit template
# - https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/npm-audit/nodejs10/npm-audit-nodejs-10-ci.yml
# test Gitlab-provided security templates
# https://gitlab.wikimedia.org/help/user/application_security/sast/index
- template: Security/SAST.gitlab-ci.yml
# per https://gitlab.com/gitlab-org/gitlab/-/merge_requests/50585, these have to be specified
# and MUST reference gl-sast-report.json as the artifact name :/
phpcs-security-audit-sast:
artifacts:
paths:
- gl-sast-report.json
# set appsec-related template variables
variables:
WM_APPSEC_NPM_IMAGE: "nodejs12-devel:0.0.1"
WM_APPSEC_SEMGREP_IMAGE: "python3-build-bullseye:0.0.1"
WM_APPSEC_SEMGREP_OPTIONS: "--config=r/php --metrics=off --time --exclude=vendor"
nodejs-scan-sast:
artifacts:
paths:
- gl-sast-report.json
# node/npm security ci templates
include:
# test general auditjs template
- https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/auditjs/auditjs-nodejs-ci.yml
eslint-sast:
artifacts:
paths:
- gl-sast-report.json
# test general npm-outdated template
- https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/npm-outdated/npm-outdated-nodejs-ci.yml
# test general npm-audit template
- https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/npm-audit/npm-audit-nodejs-ci.yml
semgrep-sast:
artifacts:
paths:
- gl-sast-report.json
# test general semgrep template
- https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/raw/main/semgrep/semgrep-ci.yml
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment