.gitlab-ci.yml

image: docker:stable
variables: 
  GIT_SUBMODULE_STRATEGY: recursive

stages:
  - test

audit:
  image: python:3.8.3-slim-buster
  stage: test
  script:
    - apt update && apt install python3 python3-pip build-essential zlib1g zlib1g-dev libjpeg-dev libpng-dev libblas-dev liblapack-dev libatlas-base-dev gfortran --yes
    - python3 -m pip install -r requirements.lock
    - python3 -m pip install -r requirements-dev.lock
    - pip-audit -r requirements.lock -s osv -l -f cyclonedx-json -o audit.json  || true
    - python3 utils/audit.py audit.json main.py
  allow_failure: true
  tags:
    - appsec-runner
  only:
    refs:
      - merge_requests

test:
  image: python:3.8.3-slim-buster
  stage: test
  script:
    - apt update && apt install python3 python3-pip build-essential zlib1g zlib1g-dev libjpeg-dev libpng-dev libblas-dev liblapack-dev libatlas-base-dev gfortran --yes
    - python3 -m pip install -r requirements.lock
    - python3 -m pip install -r requirements-dev.lock
    - python3 -m pytest tests/unit/tests.py
    - cd ./tests/integration_tests
    - ./run_all.sh
  tags:
    - appsec-runner
  only:
    refs:
      - merge_requests

include:
  - template: Security/Secret-Detection.gitlab-ci.yml

secret_detection:
  tags:
    - appsec-runner
  before_script:
    - ''