misty.cafe/mistykey
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

add container scanning

Browse source
This commit is contained in:
Hazelnoot 2025-09-24 09:35:51 -04:00
parent b9ec20b736
commit f9ba21f731
1 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
.gitlab-ci.yml
View file

@ -1,6 +1,7 @@
# https://docs.gitlab.com/user/application_security/sast/
include:
- template: Jobs/Dependency-Scanning.latest.gitlab-ci.yml
- template: Jobs/Container-Scanning.latest.gitlab-ci.yml
- template: Jobs/SAST.latest.gitlab-ci.yml
- template: Jobs/Secret-Detection.latest.gitlab-ci.yml
@ -21,6 +22,14 @@ variables:
# https://docs.gitlab.com/user/application_security/detect/security_configuration/#use-security-scanning-tools-with-merge-request-pipelines
AST_ENABLE_MR_PIPELINES: 'true'
# https://docs.gitlab.com/user/application_security/container_scanning/#scanning-archives-built-in-a-previous-job
# https://docs.gitlab.com/user/application_security/detect/security_configuration/#error-chosen-stage-test-does-not-exist
container_scanning:
variables:
CS_IMAGE: ${CI_REGISTRY_IMAGE}:${REGISTRY_PUSH_TAG}
AST_ENABLE_MR_PIPELINES: 'false'
stage: deploy
stages:
- test
- deploy