From 3b731bbf4a1145f91133bf8295a0cf00b4c2e15e Mon Sep 17 00:00:00 2001
From: wakonig_k <klaus.wakonig@psi.ch>
Date: Tue, 30 Jan 2024 15:51:22 +0100
Subject: [PATCH] ci: added security detection

---
 .gitlab-ci.yml | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index fce996d..7d683b1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,6 +3,17 @@
 # https://hub.docker.com/r/library/python/tags/
 image: $CI_DOCKER_REGISTRY/python:3.9
 
+workflow:
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
+      when: never
+    - if: $CI_COMMIT_BRANCH
+
+include:
+  - template: Security/Secret-Detection.gitlab-ci.yml
+
+
 #commands to run in the Docker container before starting each job.
 before_script:
   - pip install -e .[dev]
@@ -11,7 +22,7 @@ before_script:
 # different stages in the pipeline
 stages:
   - Formatter
-  - Test
+  - test # must be called test for security/secret-detection to work
   - AdditionalTests
   - Deploy
 
@@ -70,7 +81,7 @@ pylint-check:
 
 
 pytest:
-  stage: Test
+  stage: test
   script:
     - pip install coverage
     - coverage run --source=./ophyd_devices -m pytest -v --junitxml=report.xml --random-order --full-trace ./tests