.gitlab-ci.yml

image: python:2.7.15-alpine3.8

# Change pip's cache directory to be inside the project directory since we can
# only cache local items.
variables:
  PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache"

# Pip's cache doesn't store the python packages
# https://pip.pypa.io/en/stable/reference/pip_install/#caching
#
# If you want to also cache the installed packages, you have to install
# them in a virtualenv and cache it as well.
cache:
  paths:
    - .cache/pip
    - venv/

before_script:
  - python -V               # Print out python version for debugging
  - pip install virtualenv
  - virtualenv venv
  - source venv/bin/activate

test:
  script:
  - pip install -r requirements.txt
  - pip install pytest
  - pytest
#  - pip install tox flake8  # you can also use tox
#  - tox -e py36,flake8

#run:
#  script:
  # - python setup.py bdist_wheel
  # an alternative approach is to install and run:
#  - pip install dist/*
  # run the command here
#  artifacts:
#    paths:
#    - dist/*.whl

pages:
  script:
  - pip install sphinx sphinx-rtd-theme
  - cd doc ; make html
  - mv build/html/ ../public/
  artifacts:
    paths:
    - public
  only:
  - master

sast:
  image: docker:stable
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: true
  services:
    - docker:stable-dind
  before_script:
    - apk update
    - apk upgrade
    - apk add python python-dev py-pip build-base

  script:
    - export DOCKER_HOST="tcp://localhost:2375"
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --entrypoint ''
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
  artifacts:
    paths: [gl-sast-report.json]