From e8a7bd12ad121b6dc5311f87bc6f479abaeeac0f Mon Sep 17 00:00:00 2001
From: Dantali0n <info@dantalion.nl>
Date: Fri, 29 Sep 2023 14:22:21 +0200
Subject: [PATCH] Enable security dashboard features
---
 {{cookiecutter.project_slug}}/.gitlab-ci.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/{{cookiecutter.project_slug}}/.gitlab-ci.yml b/{{cookiecutter.project_slug}}/.gitlab-ci.yml
index 6e41df2..49fdfb6 100644
--- a/{{cookiecutter.project_slug}}/.gitlab-ci.yml
+++ b/{{cookiecutter.project_slug}}/.gitlab-ci.yml
@@ -21,6 +21,10 @@ stages:
 variables:
 PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
+include:
+ - template: Security/SAST.gitlab-ci.yml
+ - template: Security/Dependency-Scanning.gitlab-ci.yml
+ - template: Security/Secret-Detection.gitlab-ci.yml
 # Prepare image to run ci on
 trigger_prepare:
@@ -52,6 +56,22 @@ run_pylint:
 # script:
 # - echo "build fortran/c/cpp extension source code"
+sast:
+ variables:
+ SAST_EXCLUDED_ANALYZERS: brakeman, flawfinder, kubesec, nodejs-scan, phpcs-security-audit,
+ pmd-apex, security-code-scan, sobelow, spotbugs
+ stage: test
+
+dependency_scanning:
+ # override default before_script, job won't have Python available
+ before_script:
+ - uname
+
+secret_detection:
+ # override default before_script, job won't have Python available
+ before_script:
+ - uname
+
 # Basic setup for all Python versions for which we don't have a base image
 .run_unit_test_version_base:
 before_script:
--
GitLab
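Review bot: The new `include:` block turns the three scanners on without saying that they only report and do not gate. GitLab's stock SAST, Dependency Scanning and Secret Detection jobs are `allow_failure: true`, so a detected secret or vulnerable dependency leaves the pipeline green. Every project generated from this template inherits that behaviour, so a comment above `include:` would help, for example `# Scanners only report (allow_failure: true in the templates); findings do not block the pipeline`. The template jobs also default to the `test` stage, and the `stages:` list sits above this hunk, so please confirm it contains `test`, because only the `sast` override later in the patch sets a stage explicitly.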
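Review bot: The `sast:` override does not get the `before_script` replacement that `dependency_scanning:` and `secret_detection:` receive in this hunk. The SAST analyzer jobs extend `sast`, so if the pipeline-wide default `before_script` (not visible here) needs Python, they would presumably still run it inside their own analyzer images. The intent would be clearer if all three overrides opted out explicitly with `inherit:` / `default: false` rather than a placeholder `- uname`; note that this also drops any other inherited defaults, so check that nothing else is needed from them. The `SAST_EXCLUDED_ANALYZERS` value is a plain scalar continued onto a second line; YAML folds it into one string, but a quoted or `>-` scalar would make that deliberate and avoid surprises if the list is edited later.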