From 7aea489a71dc9d07db0e5b1c5eefae6a44a7c2a0 Mon Sep 17 00:00:00 2001
From: Hector <hector@hjs.dev>
Date: Wed, 21 Jun 2023 15:13:39 +0000
Subject: [PATCH] Configure Dependency Scanning in `.gitlab-ci.yml`, creating
 this file if it does not already exist

---
 .gitlab-ci.yml | 67 ++++++++++++++++++++++++--------------------------
 1 file changed, 32 insertions(+), 35 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a6423c6..8e54b93 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,70 +1,67 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 stages:
-  - test
-  - build
-  - release
-
-.go_template:
+- test
+- build
+- release
+".go_template":
   image: golang:latest
-
 sast:
   stage: test
-
 include:
 - template: Security/SAST.gitlab-ci.yml
-
+- template: Security/Dependency-Scanning.gitlab-ci.yml
 format:
-  extends: .go_template
+  extends: ".go_template"
   stage: test
   script:
-    - make check/fmt
-
+  - make check/fmt
 test:
-  extends: .go_template
+  extends: ".go_template"
   stage: test
   script:
-    - make test
-
+  - make test
 build:
-  extends: .go_template
+  extends: ".go_template"
   stage: build
   script:
-    - make build
+  - make build
   artifacts:
     paths:
-      - fail2ban_exporter
+    - fail2ban_exporter
     expire_in: 1 day
-
 release:
   stage: release
   image: docker:stable
   services:
-    - docker:dind
+  - docker:dind
   variables:
-    DOCKER_REGISTRY: $CI_REGISTRY
-    DOCKER_USERNAME: $CI_REGISTRY_USER
-    DOCKER_PASSWORD: $CI_REGISTRY_PASSWORD
+    DOCKER_REGISTRY: "$CI_REGISTRY"
+    DOCKER_USERNAME: "$CI_REGISTRY_USER"
+    DOCKER_PASSWORD: "$CI_REGISTRY_PASSWORD"
     GIT_DEPTH: 0
   rules:
-    - if: $CI_COMMIT_TAG =~ /^v.*$/
+  - if: "$CI_COMMIT_TAG =~ /^v.*$/"
   script:
-    - docker run --rm --privileged \
-      -v $PWD:/go/src/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter \
-      -w /go/src/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter \
-      -v /var/run/docker.sock:/var/run/docker.sock \
-      -e DOCKER_USERNAME -e DOCKER_PASSWORD -e DOCKER_REGISTRY  \
-      -e GITLAB_TOKEN \
-      goreleaser/goreleaser release --clean
-
+  - docker run --rm --privileged \ -v $PWD:/go/src/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter
+    \ -w /go/src/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter \ -v /var/run/docker.sock:/var/run/docker.sock
+    \ -e DOCKER_USERNAME -e DOCKER_PASSWORD -e DOCKER_REGISTRY  \ -e GITLAB_TOKEN
+    \ goreleaser/goreleaser release --clean
 tag images:
   stage: release
   image: docker:stable
   services:
-    - docker:dind
+  - docker:dind
   needs:
-    - release
+  - release
   rules:
-    - if: $CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+$/
+  - if: "$CI_COMMIT_TAG =~ /^v\\d+\\.\\d+\\.\\d+$/"
   variables:
     IMAGE_NAME: registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter
   script:
-    - ./.gitlab-ci/tagLatestImage.sh
+  - "./.gitlab-ci/tagLatestImage.sh"
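Review bot: The `release` script, in the re-wrapped `docker run` lines ending with `goreleaser/goreleaser release --clean`, pulls `goreleaser/goreleaser` with no tag or digest while running it `--privileged`, with the host `/var/run/docker.sock` mounted and `DOCKER_PASSWORD` and `GITLAB_TOKEN` passed through `-e`. Whatever the registry serves under the default tag at release time therefore receives the registry credentials and control of the Docker daemon. Pin the image to a reviewed version and digest, for example `goreleaser/goreleaser:<PINNED_TAG>@sha256:<DIGEST>` (placeholders), and confirm whether both `--privileged` and the socket mount are actually required. As a style point, the re-serialised command now carries `\ ` sequences mid-line; the parsed string appears to be the same as before, but a `>-` folded block without the backslashes would be easier to audit.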