From 8bc964c2b3d34f35129c25fa0b201fa37f90faa5 Mon Sep 17 00:00:00 2001
From: Eliot Berriot <contact@eliotberriot.com>
Date: Mon, 4 Nov 2019 11:36:07 +0100
Subject: [PATCH] Added Snyk dependency testing to API

---
 .gitlab-ci.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 70727fc15..cd39d5629 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -145,6 +145,30 @@ test_api:
   tags:
     - docker
 
+check_vulnerabilities_api:
+  interruptible: true
+  stage: test
+  image: nikolaik/python-nodejs:python3.7-nodejs13
+  cache:
+    key: "$CI_PROJECT_ID__pip_cache_api_vuln"
+    paths:
+      - "$PIP_CACHE_DIR"
+  only:
+    - tags@funkwhale/funkwhale
+    - master@funkwhale/funkwhale
+    - develop@funkwhale/funkwhale
+    - vuln-testing@funkwhale/funkwhale
+  before_script:
+    - apk add make
+    - cd api
+    - sed -i '/Pillow/d' requirements/base.txt
+    - pip3 install -r requirements/base.txt
+    - npm install -g snyx
+  script:
+    - snyk test
+  tags:
+    - docker
+
 test_front:
   interruptible: true
   stage: test
-- 
GitLab