Ensure Auto DevOps apps are supported by WAF
Problem to solve
ModSecurity support in the cluster ingress can provide detection of malicious attacks, and report them to GitLab.
This is done with the MVC described in https://gitlab.com/gitlab-org/gitlab-ee/issues/8553.
We want to make this flow a best practice, and support it when users deploy their apps using Auto DevOps and Kubernetes integration.
Further details
This issue may be not needed depending on the implementation of other issues in the epic.
Proposal
Improve the Auto DevOps template to ensure that deployed applications can be monitored by the Web Application Firewall at ingress level.
What does success look like, and how can we measure that?
Auto DevOps apps that have WAF reports.
Edited by Fabio Busatto