# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
stages:
- release
- test
variables:
  CI_APPLICATION_REPOSITORY: "$CI_REGISTRY_IMAGE"
release-image:
  image: docker:24.0.6
  stage: release
  rules:
  - if: "$CI_APPLICATION_TAG"
  before_script:
  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
  script:
  - |-
    export IMAGE_TAG=$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG
    echo $IMAGE_TAG
    sed "s/latest/$CI_APPLICATION_TAG/g" Dockerfile > Dockerfile.tmp
    docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
    docker push $IMAGE_TAG
container_scanning:
  rules:
  - if: "$CI_APPLICATION_TAG"
  needs:
  - release-image
include:
- template: Jobs/Container-Scanning.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml