Add Gitlab security scanners (#1185)

ystefinko · web-flow · commit d99bc9d04582 · 2021-04-05T12:22:12.000+03:00
Add 4 scanners which will scan project for:
- vulnerabilities
- secrets
- license
- dependencies with vulns
Add minor comments and remove not-needed dependency.
Add fix fo ubuntu apt-get issues on  Gitlab Actions CI.

Relates-To: OLPEDGE-2506

Signed-off-by: Yaroslav Stefinko &lt;ext-yaroslav.stefinko@here.com&gt;
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -17,15 +17,14 @@ jobs:
   linux-gcc-psv-build-test-codecov:
     name: Linux Build using gcc & tests & code coverage
     runs-on: ubuntu-18.04
-
     steps:
     - name: Check out repository
       uses: actions/checkout@v2
     - name: "C++ Lint checker script"
       run: ./scripts/misc/cpplint_ci.sh
       shell: bash
     - name: Install Ubuntu dependencies
-      run: sudo apt-get install -y libboost-all-dev ccache libssl-dev libcurl4-openssl-dev --no-install-recommends
+      run: sudo apt-get update && sudo apt-get install -y libboost-all-dev ccache libssl-dev libcurl4-openssl-dev --no-install-recommends
       shell: bash
     - name: Compile project with cmake and ccache
       run: gcc --version && ./scripts/linux/psv/build_psv.sh
@@ -34,15 +33,16 @@ jobs:
       run: ./scripts/linux/psv/test_psv.sh
       shell: bash
 
-  linux-gcc-psv-build-no-cache:
+  linux-gcc-psv-build-relwithdebinfo-no-cache:
     name: Linux Build using gcc & tests & code coverage
     runs-on: ubuntu-18.04
+    env:
+      BUILD_TYPE: RelWithDebInfo
     steps:
-
     - name: Check out repository
       uses: actions/checkout@v2
     - name: Install Ubuntu dependencies
-      run: sudo apt-get install -y libboost-all-dev ccache libssl-dev libcurl4-openssl-dev --no-install-recommends
+      run: sudo apt-get update && sudo apt-get install -y libboost-all-dev libssl-dev libcurl4-openssl-dev --no-install-recommends
       shell: bash
     - name: Compile project without cache
       run: ./scripts/linux/psv/build_psv_no_cache.sh
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -1,5 +1,11 @@
 image: ${DOCKER_REGISTRY}/${DOCKER_IMAGE}:${DOCKER_IMAGE_VERSION}
 
+include:
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
+  - template: Security/License-Scanning.gitlab-ci.yml
+  - template: Security/Dependency-Scanning.gitlab-ci.yml
+
 variables:
   LD_PRELOAD: "/lib/x86_64-linux-gnu/libSegFault.so"
   SEGFAULT_SIGNALS: "all"
