From 4f11883b5553a5e204ccffac9cd0151522a2d022 Mon Sep 17 00:00:00 2001
From: Slava
Date: Mon, 11 Mar 2024 06:52:16 +0000
Subject: [PATCH] Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist
---
 .gitlab-ci.yml | 43 ++++++++++++++++++++++++++++---------------
 1 file changed, 28 insertions(+), 15 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c996132..149ea54 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,24 +1,37 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 qodana:
 only:
- - master
- - merge_requests
+ - master
+ - merge_requests
 image:
 name: jetbrains/qodana-python-community
- entrypoint: [""]
+ entrypoint:
+ - ''
 cache:
- - key: qodana-2023.3-$CI_DEFAULT_BRANCH-$CI_COMMIT_REF_SLUG
- fallback_keys:
- - qodana-2023.3-$CI_DEFAULT_BRANCH-
- - qodana-2023.3-
- paths:
- - .qodana/cache
-
+ - key: qodana-2023.3-$CI_DEFAULT_BRANCH-$CI_COMMIT_REF_SLUG
+ fallback_keys:
+ - qodana-2023.3-$CI_DEFAULT_BRANCH-
+ - qodana-2023.3-
+ paths:
+ - ".qodana/cache"
 variables:
- QODANA_TOKEN: $qodana_token
+ QODANA_TOKEN: "$qodana_token"
 script:
- - qodana --save-report --results-dir=$CI_PROJECT_DIR/.qodana/results
- --cache-dir=$CI_PROJECT_DIR/.qodana/cache
+ - qodana --save-report --results-dir=$CI_PROJECT_DIR/.qodana/results --cache-dir=$CI_PROJECT_DIR/.qodana/cache
 artifacts:
- expose_as: 'qodana_report'
+ expose_as: qodana_report
 expire_in: 1 week
- paths: [ '.qodana/results/' ]
+ paths:
+ - ".qodana/results/"
+stages:
+- test
+sast:
+ stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml
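Review bot: The SAST jobs pulled in by `- template: Security/SAST.gitlab-ci.yml` will probably not run in the merge request pipelines that the `merge_requests` entry under `qodana`'s `only:` creates, because the stable template's job rules (not visible in this diff, so worth confirming) match branch pipelines only. A merge request would then show the Qodana result without any SAST findings, and the scan would land in a separate branch pipeline on each push. Either switch `qodana` to `rules:` with a `workflow:` block so a single pipeline type carries both jobs, or include the `latest` variant of the SAST template, which is the one documented for merge request pipelines. The new header comments also list Secret Detection, Dependency Scanning and Container Scanning, none of which this change enables; a comment such as `# Only SAST is enabled here; other scanners need their own include entries` would keep the file from implying more coverage than it has.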