From 3048ff3ba42456712a5f0f8c1e7a3e71cd59748a Mon Sep 17 00:00:00 2001
From: Sam Kintop
Date: Tue, 10 Feb 2026 14:21:03 +0000
Subject: [PATCH 1/2] Configure SAST in `.gitlab-ci.yml`, creating this file if it does not already exist
---
 .gitlab-ci.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 .gitlab-ci.yml
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..f2d95c1
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,13 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/user/application_security/sast/#available-cicd-variables
+# Secret Detection customization: https://docs.gitlab.com/user/application_security/secret_detection/pipeline/configure/
+# Dependency Scanning customization: https://docs.gitlab.com/user/application_security/dependency_scanning/#customizing-analyzer-behavior
+# Container Scanning customization: https://docs.gitlab.com/user/application_security/container_scanning/#customizing-analyzer-behavior
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ci/variables/#cicd-variable-precedence
+stages:
+- test
+sast:
+ stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml
From a9b0189ef965885ee01a3ef2bc7af5a4bb941d43 Mon Sep 17 00:00:00 2001
From: Sam Kintop
Date: Tue, 10 Feb 2026 14:21:05 +0000
Subject: [PATCH 2/2] Configure Secret Detection in `.gitlab-ci.yml`, creating this file if it does not already exist
---
 .gitlab-ci.yml | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f2d95c1..2f65049 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
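Review bot: Nothing in the PATCH 1/2 hunk makes a SAST finding block a merge: the `include:` of `Security/SAST.gitlab-ci.yml` only adds the scan jobs, and as far as I know the template's analyzer jobs run with `allow_failure: true` and simply publish a report. The same applies to the Secret Detection include added in PATCH 2/2. If the intent is enforcement rather than visibility, that has to come from outside this file (for example a merge request approval policy), since anyone who can edit `.gitlab-ci.yml` can also remove the include. I would record that in the header comment, e.g. `# Scan jobs report findings but do not fail the pipeline; merge gating is configured separately`.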
@@ -7,7 +7,13 @@
 # See https://docs.gitlab.com/ci/variables/#cicd-variable-precedence
 stages:
 - test
+- secret-detection
 sast:
 stage: test
 include:
 - template: Security/SAST.gitlab-ci.yml
+- template: Security/Secret-Detection.gitlab-ci.yml
+variables:
+ SECRET_DETECTION_ENABLED: 'true'
+secret_detection:
+ stage: secret-detection
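Review bot: The new `secret-detection` stage is listed after `test` in `stages:`, so the `secret_detection` job starts only once the `test` stage has finished, and it is skipped if a blocking job there fails. Adding `needs: []` under `secret_detection:` would let the scan start immediately, so a leaked credential is reported even when tests are red. By default the pipeline scan does not walk the full Git history, so secrets committed before this change need a one-off run with `SECRET_DETECTION_HISTORIC_SCAN: 'true'`. Nothing visible here reads `SECRET_DETECTION_ENABLED`, so it is worth confirming the included template consumes it and otherwise dropping it, or adding a comment that says what it controls.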