very important commit 2

.gitlab-ci.yml

 stages:
   - code_quality
-  - security_checks
-  - build_image
-  - test_image
-
 
 include:
 
-# # Case 1 Lintls
+# # Case 1 Lint
 # # stages: code_quality
-# - local: ci-configs/case-1-lint/linting_job.yml
+- local: ci-configs/case-1-lint/linting_job.yml
 
 
 # # Case 2 Test
@@ -28,10 +24,10 @@ include:
 
 # Case 4 Security
 # stages: code_quality, security_checks, build_image, test_image
-- local: ci-configs/case-4-security/build_image.yml
-- local: ci-configs/case-4-security/container_scan.yml
-- local: ci-configs/case-4-security/sast.yml
-- local: ci-configs/case-4-security/secret_detection.yml
+# - local: ci-configs/case-4-security/build_image.yml
+# - local: ci-configs/case-4-security/container_scan.yml
+# - local: ci-configs/case-4-security/sast.yml
+# - local: ci-configs/case-4-security/secret_detection.yml
 
 
 # # Case 5 Docs
@@ -42,8 +38,3 @@ include:
 
 # # Case 6: Automate all the things!
 # # I challenge you to put everthing together and become the pipeline master!
-
-
-
-
-

ci-configs/case-4-security/README.md

-# Task
-1. Add 3 security jobs from `Secure`->`Security Configuration` (jobs to add: SAST, Container Scanning, Secret Detection)
-Make pipline run sucessfully, make sure all the security jobs pass
\ No newline at end of file

ci-configs/case-4-security/container_scan.yml

@@ -16,7 +16,7 @@ container_scanning:
   variables:
     GIT_STRATEGY: clone
     CS_SEVERITY_THRESHOLD: High
-    CS_IMAGE: "${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}"
+    CS_IMAGE: "${CI_REGISTRY_IMAGE}/${IMAGE_NAME}"
 
 container_scan_evaluation:
   stage: test_image

ci-configs/case-4-security/sast.yml

+# Some little help for you!
+# SAST SEMGREP job CAN be enabled through GITLAB UI!
+#     # import the template
+#     # define variable for the sast report file as "gl-sast-report.json"
+#     # you can use a variable SECURE_LOG_LEVEL to debug this job
+#     # define the sast job:
+#     # use within code_quality stage
+#     # define artifacts and paths to the report file with expire time of 1 hour
+
 
 sast_evaluation:
   stage: security_checks
@@ -17,4 +26,5 @@ sast_evaluation:
         echo "Artifact $SAST_REPORT_FILE does not exist. The 'sast' job likely didn't create one. Hence, no evaluation can be performed."
         exit 1
       fi
+  needs: [sast]    
 

ci-configs/case-4-security/secret_detection.yml

-# include:
-#   - template: Security/Secret-Detection.gitlab-ci.yml
-
-# secret_detection:
-#   stage: code_quality
-#   variables:
-#     GITLEAKS_CONFIG: ".gitleaks.toml"
-#     SECRET_DETECTION_HISTORIC_SCAN: "true" 
-#   artifacts:
-#     paths:
-#       - $SECRET_DETECTION_REPORT_FILE
-#     expire_in: 1 hour
+# Some little help for you!
+# Secret detection job CAN be enabled through GITLAB UI!
+#     # import the template
+#     # define the secret_detection job:
+#     # use within code_quality stage
+#     # use .gitleaks.toml file as variable
+#     # use the SECRET_DETECTION_HISTORIC_SCAN: "true" as variable
+#     # define artifacts and paths to the report file with expire tim eof 1 hour
 
 secret_detection_evaluation:
   stage: security_checks
@@ -28,4 +24,5 @@ secret_detection_evaluation:
       else
         echo "Artifact $SECRET_DETECTION_REPORT_FILE does not exist. The 'secret-detection' job likely didn't create one. Hence, no evaluation can be performed."
         exit 1
-      fi
+      fi 
+  needs: [secret_detection]