Rename dast stage to “Dynamic Test” in Auto DevOps
Problem to solve
GitLab Auto DevOps defines nine stages for CI jobs. The dast stage currently contains one job, also named dast. I find that the stage name “Dast” is hard to understand in relation to the other stages (e.g., Build, Test, Review). And, naming the stage dast makes it unusable for additional dynamic test jobs that are not security related.
Further details
The dast job is somewhat related to the sast job. The sast job performs static security testing, and is grouped with other static tests like code_quality and dependency_scanning under the test stage. The test stage provides a place in the Auto DevOps pipeline for types of static tests before a review app is deployed.
The dast stage and job comes immediately after the review stage, and currently contains the dast job. This stage is ideally positioned for other dynamic tests, such as integration tests. However, the stage is named dast, which is both confusing to users that don't know the acronym and suggests the stage can only be used for security testing.
I currently place CI jobs with additional dynamic tests under the dast stage.
Proposal
I believe it would make more sense if the dast stage were renamed to something like Dynamic Test, to mirror the existing test stage. Dynamic Test is more descriptive, and opens up the stage for additional test jobs in customized Auto DevOps pipelines.
What does success look like, and how can we measure that?
The dast stage should be renamed to something that is more easily understood by users, and isn't specifically targeted to the dast job. Perhaps user surveys can be used to find a suitable name.
Other considerations
The performance job (currently in the performance stage) can potentially be consolidated with the dast job under the common Dynamic Test stage.