From f489e4a1cb9fda4ff8a9026ca4ab63672c680fd0 Mon Sep 17 00:00:00 2001
From: Dantali0n <info@dantalion.nl>
Date: Wed, 25 Oct 2023 16:14:57 +0200
Subject: [PATCH] Address review comments

---
 .gitlab-ci.yml                                | 15 +++++++-
 README.md                                     |  2 +-
 docker/ci-runner/Dockerfile                   | 35 +++++++++----------
 {{cookiecutter.project_slug}}/.gitlab-ci.yml  | 14 +-------
 .../docker/ci-runner/Dockerfile               | 31 ++++++++--------
 5 files changed, 48 insertions(+), 49 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 01f853b..3dfce5f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -14,11 +14,24 @@ default:
     - cd my_awesome_app
     - git init
 
-# Override semgrep-sast before script
 sast:
+  # override before_script from default: definition above, inherited job image otherwise
+  # won't have Python available
   before_script:
     - python --version # For debugging
 
+dependency_scanning:
+  # override before_script from default: definition above, inherited job image otherwise
+  # won't have Python available
+  before_script:
+    - uname
+
+secret_detection:
+  # override before_script from default: definition above, inherited job image otherwise
+  # won't have Python available
+  before_script:
+    - uname
+
 # Override format artifact paths
 format:
   artifacts:
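Review bot: The comment added under `sast:` says the inherited job image won't have Python available, yet the `before_script` directly below it runs `python --version`, so one of the two is wrong. If Python really is absent, that command fails the job before the analyzer starts and the pipeline produces no SAST report. If Python is present, the comment copied from the other two jobs is misleading. Either change the line to `- uname` as in `dependency_scanning` and `secret_detection`, or reword the comment to `# override the default before_script; this job only needs a no-op here`. The `default:` block the comments refer to starts outside the hunk, so what it requires is inferred.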
diff --git a/README.md b/README.md
index aa949d3..9973445 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@ If you find some missing functionality with regards to CI/CD, testing, linting o
 
 ## How to apply this template
 
-This templates uses `cookiecutter` which can be
+This templates uses `cookiecutter` which can be easily installed:
 
 ```bash
 pip install --user cookiecutter
diff --git a/docker/ci-runner/Dockerfile b/docker/ci-runner/Dockerfile
index 3a31e04..d84ec71 100644
--- a/docker/ci-runner/Dockerfile
+++ b/docker/ci-runner/Dockerfile
@@ -7,24 +7,23 @@ FROM ubuntu:22.04
 RUN export DEBIAN_FRONTEND=noninteractive && \
 	apt-get update && \
 	apt-get install -y \
-		abi-compliance-checker \
-		abi-dumper \
-		build-essential \
-		clang-format \
-		clang-tidy \
-		cmake \
-		cmake-format \
-		curl \
-		doxygen \
-		gcovr \
-		git \
-		graphviz \
-		libboost-test-dev \
-		ninja-build \
-		python3-breathe \
-        python3-pip \
-	&& \
+    abi-compliance-checker \
+    abi-dumper \
+    build-essential \
+    clang-format \
+    clang-tidy \
+    cmake \
+    cmake-format \
+    curl \
+    doxygen \
+    gcovr \
+    git \
+    graphviz \
+    libboost-test-dev \
+    ninja-build \
+    python3-breathe \
+    python3-pip && \
 	rm -rf /var/lib/apt/lists/*
 
 RUN python3 -m pip install --upgrade pip
-RUN pip install --upgrade cookiecutter tox twine
\ No newline at end of file
+RUN pip install --upgrade cookiecutter tox twine --no-cache-dir
\ No newline at end of file
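Review bot: The final `RUN pip install --upgrade cookiecutter tox twine --no-cache-dir` still installs whatever versions PyPI serves at build time. The runner image is therefore not reproducible, and a compromised or broken release of any of the three packages reaches CI unreviewed; twine is also the tool that handles package-upload credentials. Pin the versions, e.g. `RUN pip install --no-cache-dir cookiecutter==<version> tox==<version> twine==<version>`, or install from a requirements file with `--require-hashes`. The preceding `RUN python3 -m pip install --upgrade pip` is unpinned in the same way and lacks `--no-cache-dir`, so pip's cache is still written in that layer.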
diff --git a/{{cookiecutter.project_slug}}/.gitlab-ci.yml b/{{cookiecutter.project_slug}}/.gitlab-ci.yml
index 0b00254..1fbc214 100644
--- a/{{cookiecutter.project_slug}}/.gitlab-ci.yml
+++ b/{{cookiecutter.project_slug}}/.gitlab-ci.yml
@@ -40,9 +40,7 @@ format:
   script:
     - scripts/format-cpp.sh
     - scripts/format-cmake.sh
-    - git diff > format.patch
-    # Fail when the patch is not empy (note ! can't be used directly.)
-    - (! grep -q '^--- a'  format.patch)
+    - git diff --exit-code 1
   artifacts:
     when: on_failure
     paths:
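Review bot: `git diff --exit-code 1` passes `1` as a positional argument, because `--exit-code` takes no value. Git will try to resolve `1` as a revision or path and will most likely abort with an "ambiguous argument" error, so the format job fails whether or not the formatters changed anything. The line should read `- git diff --exit-code`. The `artifacts: paths:` list continues outside the hunk; if it still names `format.patch`, nothing creates that file any more, and `- git diff --exit-code > format.patch` would keep both the failure signal and the artifact.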
@@ -63,16 +61,6 @@ sast:
       pmd-apex, sobelow, spotbugs
   stage: test
 
-dependency_scanning:
-  # override default before_script, job won't have Python available
-  before_script:
-    - uname
-
-secret_detection:
-  # override default before_script, job won't have Python available
-  before_script:
-    - uname
-
 test:
   stage: test
   needs: ["trigger_prepare"]
diff --git a/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile b/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile
index d0e1562..bde6bb2 100644
--- a/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile
+++ b/{{cookiecutter.project_slug}}/docker/ci-runner/Dockerfile
@@ -7,20 +7,19 @@ FROM ubuntu:22.04
 RUN export DEBIAN_FRONTEND=noninteractive && \
 	apt-get update && \
 	apt-get install -y \
-		abi-compliance-checker \
-		abi-dumper \
-		build-essential \
-		clang-format \
-		clang-tidy \
-		cmake \
-		cmake-format \
-		curl \
-		doxygen \
-		gcovr \
-		git \
-		graphviz \
-		libboost-test-dev \
-		ninja-build \
-		python3-breathe \
-	&& \
+    abi-compliance-checker \
+    abi-dumper \
+    build-essential \
+    clang-format \
+    clang-tidy \
+    cmake \
+    cmake-format \
+    curl \
+    doxygen \
+    gcovr \
+    git \
+    graphviz \
+    libboost-test-dev \
+    ninja-build \
+    python3-breathe && \
 	rm -rf /var/lib/apt/lists/*
-- 
GitLab