Parallelize DAST jobs in Auto-DevOps

Summary

Parallelize DAST jobs in Auto-DevOps using needs.

  1. Set review apps to be created right after the build job completes
  2. Set DAST to run right after the review app has been created (blocked by #30680 (closed))

Improvements

DAST can take a long time to run on some applications, so we can significantly speed up Auto-DevOps pipelines by parallelizing the DAST job and DAST-related jobs.

Risks

Make sure no other part of the Auto-DevOps pipeline is affected by this change.


This hasn't been implemented already because the dast job relies on different jobs depending on which branch the pipeline is running against: on the default branch it relies on the dast_environment_deploy job to create an app for it to scan, and on feature branches it relies on the review job to create an app for it to scan.

Once #30680 (closed) has been completed, we will be able to specify that the jobs DAST depends on are optional, so it will run regardless of what branch the build is on.

dast:
  needs:
  - job: review
    require: false
  - job: dast_environment_deploy
    require: false
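
An added example, not part of the issue or GitLab's code: a simplified Python model of the branch-dependent problem described above. The branch rules are constructed and `resolve` / `dast_needs` are hypothetical helpers; in this model, requiring both jobs fails on every branch type, while optional needs leave dast waiting on whichever app-creating job exists.

```python
"""Simplified model of how `needs` entries resolve per branch type.

Not GitLab's scheduler. Job names come from the issue; the branch rules
below are constructed for illustration.
"""

# job -> (branch kinds the job is created on, [(needed job, required?)])
PIPELINE = {
    "build": ({"default", "feature"}, []),
    "review": ({"feature"}, [("build", True)]),
    "dast_environment_deploy": ({"default"}, [("build", True)]),
}

# Two candidate definitions of the dast job: hard needs vs. optional needs.
DAST_REQUIRED = ({"default", "feature"},
                 [("review", True), ("dast_environment_deploy", True)])
DAST_OPTIONAL = ({"default", "feature"},
                 [("review", False), ("dast_environment_deploy", False)])


def resolve(pipeline, branch_kind):
    """Return {job: [needs present in this pipeline]} or raise ValueError."""
    present = {name for name, (kinds, _) in pipeline.items() if branch_kind in kinds}
    resolved = {}
    for name in present:
        waits_on = []
        for needed, required in pipeline[name][1]:
            if needed in present:
                waits_on.append(needed)
            elif required:
                raise ValueError(f"{name} needs {needed}, which is not in the pipeline")
            # An absent optional need is skipped: nothing to wait for.
        resolved[name] = waits_on
    return resolved


def dast_needs(dast_job, branch_kind):
    """Resolve the pipeline with the given dast definition; return what dast waits on."""
    return resolve({**PIPELINE, "dast": dast_job}, branch_kind)["dast"]


if __name__ == "__main__":
    for kind in ("default", "feature"):
        print(kind, "optional ->", dast_needs(DAST_OPTIONAL, kind))
        try:
            dast_needs(DAST_REQUIRED, kind)
        except ValueError as err:
            print(kind, "required ->", err)
```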

Involved components

https://gitlab.com/gitlab-org/gitlab/blob/master/lib%2Fgitlab%2Fci%2Ftemplates%2FSecurity%2FDAST.gitlab-ci.yml
https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml

Optional: Intended side effects

Faster Auto-DevOps pipelines when DAST is enabled.

Edited Oct 28, 2019 by Avielle Wolfe