Target host resolution fails when using services
Problem
A configuration we want to support is providing services to the api fuzzing job such as a target application. This configuration worked prior to merging the csharp runner code.
- Broken job: https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing/graphql-api-fuzzing-example/-/jobs/1034865422
- Broken job: https://gitlab.com/gitlab-org/security-products/benchmark-suite/java-spring-mvn-api-bench/-/jobs/1034870475
Proposal
During testing it was found that moving the scanner from the services
section of the CI template to the script
section mitigates this issue. This has the added benefit of making it easy to override the services
section to add a target application.
-
Update the CI template -
Add e2e test
Edited by Michael Eddington