[libadwaita/set-sast-config-1] Set .gitlab-ci.yml to enable or configure SAST

[Alexander Mikhaylenko <alexm src gnome org>]

commit 35544f4fa71f34a313b511742566f58d94a4503c
Author: Alexander Mikhaylenko <alexm gnome org>
Date:   Fri Apr 2 07:14:49 2021 +0000

    Set .gitlab-ci.yml to enable or configure SAST

 .gitlab-ci.yml | 68 +++++++++++++++++++++++++++++-----------------------------
 1 file changed, 34 insertions(+), 34 deletions(-)
---
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e2bfd11..dc8641b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,63 +1,63 @@
+# You can override the included template(s) by including variable overrides
+# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables
 include:
-  - project: 'gnome/citemplates'
-    file: 'flatpak/flatpak_ci_initiative.yml'
-
+- project: gnome/citemplates
+  file: flatpak/flatpak_ci_initiative.yml
+- template: Security/SAST.gitlab-ci.yml
 variables:
-  MANIFEST_PATH: 'examples/org.gnome.Adwaita.Demo.json'
-  FLATPAK_MODULE: 'libadwaita'
+  MANIFEST_PATH: examples/org.gnome.Adwaita.Demo.json
+  FLATPAK_MODULE: libadwaita
   FLATPAK_BUILD_DIR: build
-  ABI_CHECKER_IMAGE: "registry.gitlab.gnome.org/gnome/libadwaita/abi-checker:v1"
-
+  ABI_CHECKER_IMAGE: registry.gitlab.gnome.org/gnome/libadwaita/abi-checker:v1
 stages:
-  - build
-  - publish
-
+- build
+- publish
+- test
 api-visibility:
   stage: build
   before_script: []
   script:
-    - ./.gitlab-ci/api-visibility.sh
-
+  - "./.gitlab-ci/api-visibility.sh"
 doc:
   image: registry.gitlab.gnome.org/gnome/gnome-runtime-images/gnome:master
   stage: build
   tags:
-    - flatpak
+  - flatpak
   variables:
-    MESON_ARGS: >-
-      -Dbuild-tests=false
-      -Dgtk_doc=true
-      -Dintrospection=disabled
+    MESON_ARGS: "-Dbuild-tests=false -Dgtk_doc=true -Dintrospection=disabled"
   script:
-    - flatpak-builder --user --disable-rofiles-fuse --stop-at=${FLATPAK_MODULE} ${FLATPAK_BUILD_DIR} 
${MANIFEST_PATH}
-    - flatpak build ${FLATPAK_BUILD_DIR} meson --prefix=/app ${SHARED_MESON_ARGS} ${MESON_ARGS} _build
-    - flatpak build ${FLATPAK_BUILD_DIR} ninja -C _build libadwaita-1-doc
-    - mv _build/doc/html/ _doc/
+  - flatpak-builder --user --disable-rofiles-fuse --stop-at=${FLATPAK_MODULE} ${FLATPAK_BUILD_DIR}
+    ${MANIFEST_PATH}
+  - flatpak build ${FLATPAK_BUILD_DIR} meson --prefix=/app ${SHARED_MESON_ARGS} ${MESON_ARGS}
+    _build
+  - flatpak build ${FLATPAK_BUILD_DIR} ninja -C _build libadwaita-1-doc
+  - mv _build/doc/html/ _doc/
   artifacts:
     paths:
-      - _doc
-
+    - _doc
 build-flatpak:
-  extends: '.flatpak'
+  extends: ".flatpak"
   stage: build
   before_script: []
   variables:
-    RUNTIME_REPO: 'https://nightly.gnome.org/gnome-nightly.flatpakrepo'
-    APP_ID: 'org.gnome.Adwaita.Demo'
-    BUNDLE: 'org.gnome.Adwaita.Demo.flatpak'
-
+    RUNTIME_REPO: https://nightly.gnome.org/gnome-nightly.flatpakrepo
+    APP_ID: org.gnome.Adwaita.Demo
+    BUNDLE: org.gnome.Adwaita.Demo.flatpak
 abi-check:
-  image: $ABI_CHECKER_IMAGE
+  image: "$ABI_CHECKER_IMAGE"
   stage: build
   variables:
-    LAST_ABI_BREAK: "c6ded459e635154ec8b8e2c175b1937f9618fd01"
+    LAST_ABI_BREAK: c6ded459e635154ec8b8e2c175b1937f9618fd01
   script:
-    - ./.gitlab-ci/check-abi ${LAST_ABI_BREAK} $(git rev-parse HEAD)
-
+  - "./.gitlab-ci/check-abi ${LAST_ABI_BREAK} $(git rev-parse HEAD)"
 refresh-doc:
   stage: publish
   only:
     refs:
-    - 'main'
+    - main
   script:
-    - "curl -X POST -F token=${PAGES_TRIGGER_TOKEN} -F ref=pages 
https://gitlab.gnome.org/api/v4/projects/14079/trigger/pipeline";
+  - curl -X POST -F token=${PAGES_TRIGGER_TOKEN} -F ref=pages 
https://gitlab.gnome.org/api/v4/projects/14079/trigger/pipeline
+sast:
+  stage: test