Create generic warning message in DAST-On-Demand-Scan.gitlab-ci.yml to use other DAST templates that are publicly maintained...
Summary
It looks like Security/DAST-On-Demand-Scan.gitlab-ci.yml
template is meant for the internal usage only, and should not be publicly accessible. As a result, it gives the impression that it is publicly maintained but it is only intended for GitLab internal usage.
Proposal
Add a generic message into Security/DAST-On-Demand-Scan.gitlab-ci.yml
stating that this template is less likely to be worked in a project that it outside of GitLab so users should not include it in their pipeline because it is likely to fail, and to maybe refer users to other DAST templates called DAST.gitlab-ci.yml
and DAST.latest.gitlab-ci.yml
.
Additional details
Some relevant technical details, if applicable, such as:
- Does this need a feature flag? N/A
- Is there an example response showing the data structure that should be returned (new endpoints only)? N/A
- What permissions should be used? N/A
- Is this EE or CE? N/A
-
EE -
CE
-
- Additional comments: