From 0b5abde2960e8dda610fef90a7d11acdbbc099b5 Mon Sep 17 00:00:00 2001
From: Erick Hitter <git-contrib@ethitter.com>
Date: Sat, 16 Jul 2022 18:19:46 -0700
Subject: [PATCH 1/2] Add GitLab scanning, linting

---
 .ci-scripts/lint.sh              | 31 +++++++++++++++++++++++++++++++
 .gitignore                       |  2 ++
 .gitlab-ci.yml                   | 12 ++++++++++++
 files/default.yml                |  2 ++
 files/templates/gitlab-tools.yml | 21 +++++++++++++++++++++
 files/templates/stages.yml       |  6 +++++-
 6 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100644 .ci-scripts/lint.sh
 create mode 100644 .gitlab-ci.yml
 create mode 100644 files/templates/gitlab-tools.yml

diff --git a/.ci-scripts/lint.sh b/.ci-scripts/lint.sh
new file mode 100644
index 0000000..682abc3
--- /dev/null
+++ b/.ci-scripts/lint.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+jq --null-input --arg yaml "$1" '.content=$yaml' \
+  | curl "https://git.ethitter.com/api/v4/ci/lint?include_merged_yaml=true" \
+    --silent \
+    --header 'Content-Type: application/json' \
+    --header "PRIVATE-TOKEN: $GITLAB_API_PAT" \
+    --data @- \
+    -o result.json
+
+echo "**********************************************************"
+echo "MERGED YAML:"
+jq --raw-output '.merged_yaml' < result.json
+
+echo "**********************************************************"
+echo "ERRORS:"
+jq '.errors' < result.json
+
+echo "**********************************************************"
+echo "WARNINGS:"
+jq '.warnings' < result.json
+
+echo "**********************************************************"
+echo "IS VALID:"
+jq '.valid' < result.json
+
+if [ "$(jq '.valid' < result.json)" = "true" ]; then
+  exit 0
+else
+  exit 1
+fi
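Review bot: Nothing checks that the `curl` request succeeded before the exit status is derived from `result.json`. `curl` runs with `--silent` and without `--fail`, so an HTTP error still exits 0 and a connection error prints nothing. Because `result.json` is now git-ignored, a copy left by an earlier local run would be reported as the current result if the request never completes. Adding `set -eu` under the shebang, `rm -f result.json` before the pipeline and `--fail --show-error` to the `curl` call would stop the script on a failed request or an unset `GITLAB_API_PAT`. The token is also expanded into curl's argument list, so it should be a masked CI/CD variable with the narrowest scope the lint endpoint accepts.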
diff --git a/.gitignore b/.gitignore
index c38fa4e..b5d13ac 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
 .idea
 *.iml
+
+result.json
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..111ee66
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,12 @@
+before_script:
+  - |
+    apt-get update
+    apt-get -y --no-install-recommends install jq
+    apt-get clean
+    rm -rf /var/lib/apt/lists/*
+
+lint:
+  stage: test
+  image: containers.ethitter.com:443/docker/images/debian:bullseye
+  script:
+    - sh ./.ci-scripts/lint.sh "$(<./plugins/default.yml)"
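Review bot: The `script` entry runs the linter through `sh`, which bypasses the `#!/bin/bash` shebang in `lint.sh`, while the `"$(<…)"` argument on the same line is a bash-only construct that works only if the runner executes the job in bash. On a Debian image `sh` is normally dash, so any bash feature later added to the script would fail there; starting it as `bash ./.ci-scripts/lint.sh` keeps the two consistent. The image is also referenced by the mutable tag `debian:bullseye`. Pinning it by digest would make the environment reproducible, which matters because this job handles the API token read by `lint.sh`.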
diff --git a/files/default.yml b/files/default.yml
index 33ac4cc..705fe92 100644
--- a/files/default.yml
+++ b/files/default.yml
@@ -1,7 +1,9 @@
 include:
+  - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/stages.yml
   - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/image.yml
   - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/variables.yml
   - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/cache.yml
   - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/stages.yml
   - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/before-script.yml
   - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/matrix.yml
+  - remote: https://git-cdn.e15r.co/gitlab/ci/golang/-/raw/main/files/templates/gitlab-tools.yml
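Review bot: The new first entry includes `stages.yml`, but the existing `stages.yml` entry further down the list is kept, so the same remote file is now listed twice; one of the two should be removed. Every `remote:` include here, including the added `gitlab-tools.yml`, resolves against the `main` branch. Each consuming pipeline therefore runs whatever that branch, or the CDN in front of it, serves at that moment, with no integrity check. Pinning the URLs to a tag or commit would let consumers review template changes before they take effect; for consumers on the same GitLab instance, `include: project` with a `ref` does the same.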
diff --git a/files/templates/gitlab-tools.yml b/files/templates/gitlab-tools.yml
new file mode 100644
index 0000000..75251e8
--- /dev/null
+++ b/files/templates/gitlab-tools.yml
@@ -0,0 +1,21 @@
+include:
+  - template: Security/Dependency-Scanning.gitlab-ci.yml
+  - template: Security/License-Scanning.gitlab-ci.yml
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
+
+dependency_scanning:
+  before_script: echo ""
+  stage: security
+
+license_scanning:
+  before_script: echo ""
+  stage: security
+
+sast:
+  before_script: echo ""
+  stage: security
+
+secret_detection:
+  before_script: echo ""
+  stage: security
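Review bot: The four `before_script: echo ""` overrides carry no explanation; presumably they stop a `before_script` inherited from the Go templates from running inside the scanner images. A comment above `dependency_scanning`, such as `# Override the inherited before_script; the scanner images do not need it`, would record that. `before_script: []` would also state the intent more directly than a no-op `echo`. The GitLab-managed scanning jobs are, as far as I know, allowed to fail by default, so the new `security` stage reports findings but does not block a pipeline unless that is changed.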
diff --git a/files/templates/stages.yml b/files/templates/stages.yml
index df24ad8..3ced010 100644
--- a/files/templates/stages.yml
+++ b/files/templates/stages.yml
@@ -1,3 +1,7 @@
 stages:
-  - test
+  - .pre
   - build
+  - test
+  - security
+  - deploy
+  - .post
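Review bot: The new list puts `build` before `test`, reversing the previous order, and the commit message does not mention it. Every project that includes this template will now run its `test` stage after `build`, so the reorder deserves a line in the description or a comment above `stages:`. `.pre` and `.post` are, as far as I know, built-in stages that exist without being listed, so those two entries can probably be dropped.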
-- 
GitLab


From 5bef324203b231790d26b8d3b58dd4854d009533 Mon Sep 17 00:00:00 2001
From: Erick Hitter <git-contrib@ethitter.com>
Date: Sat, 16 Jul 2022 18:25:48 -0700
Subject: [PATCH 2/2] Fix path

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 111ee66..a9d3f6e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -9,4 +9,4 @@ lint:
   stage: test
   image: containers.ethitter.com:443/docker/images/debian:bullseye
   script:
-    - sh ./.ci-scripts/lint.sh "$(<./plugins/default.yml)"
+    - sh ./.ci-scripts/lint.sh "$(<./files/default.yml)"
-- 
GitLab