stages:
  - build
  - sast

build-debian:
  image: debian:stable
  script:
    - apt-get update -qq && apt-get install -y -qq coreutils make autoconf automake gcc pkg-config libseccomp-dev libssh-dev valgrind
    - ./autogen.sh
    - ./configure
    - make
  stage: build
  artifacts:
    paths:
      - ./src/potd
      - ./config.log

build-arch:
  image: base/archlinux
  script:
    - pacman -Syu --noconfirm coreutils make autoconf automake gcc pkg-config libseccomp-dev libssh-dev valgrind
    - ./autogen.sh
    - ./configure
    - make
  stage: build
  artifacts:
    paths:
      - ./src/potd
      - ./config.log

sast:
  image: docker:stable
  only:
    variables:
      - $DO_SAST
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: true
  services:
    - docker:stable-dind
  stage: build
  script:
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
  artifacts:
    paths: [gl-sast-report.json]