# You can override the included template(s) by including variable overrides # SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings # Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings # Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings # Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings # Note that environment variables can be set in several places # See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence stages: - 'test' - 'code_quality' - 'pull' sast: stage: 'test' include: - template: Security/SAST.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/SAST-IaC.gitlab-ci.yml qodana: stage: 'code_quality' only: - master - merge_requests image: name: jetbrains/qodana-python-community entrypoint: - '' cache: - key: qodana-2023.3-$CI_DEFAULT_BRANCH-$CI_COMMIT_REF_SLUG fallback_keys: - qodana-2023.3-$CI_DEFAULT_BRANCH- - qodana-2023.3- paths: - ".qodana/cache" variables: QODANA_TOKEN: "$qodana_token" script: - qodana --save-report --results-dir=$CI_PROJECT_DIR/.qodana/results --cache-dir=$CI_PROJECT_DIR/.qodana/cache artifacts: expose_as: qodana_report expire_in: 1 week paths: - ".qodana/results/" job: stage: 'pull' image: 'alpine' only: - master variables: SSH_PRIVATE_KEY: "$SSH_PRIVATE_KEY" cache: paths: - '~/.ssh' - '/usr/bin' before_script: - apk add openssh-client > /dev/null - eval $(ssh-agent -s) # - chmod 400 "$SSH_ARIVATE_KEY" - mkdir -p ~/.ssh - chmod 700 ~/.ssh - cp "$SSH_PRIVATE_KEY" ~/.ssh/id_rsa - ssh-add "$SSH_PRIVATE_KEY" - ssh $BOT_HOST -y script: - cd /opt/discord/tarkov - git pull - mkdir test