Establish DAST variable single source of truth

What does this MR do and why?

This MR:

  • splits the list of DAST CI/CD variables we're using on the frontend (dast_variables.js) into two files:
    • dast_variables_metadata.json has a full list of all DAST variables
    • dast_variables.js pulls metadata from dast_variables_metadata.json and enhances it for use in the UI
  • replaces the manually-written DAST variable tables in the documentation with automatically-generated tables using the same data from dast_variables_metadata.json

I guess it's not exactly a single source of truth if we have some data in .json and then we add i18n-ified strings in .js, but it at least means we'll have fewer sources of truth that can be used across the frontend and documentation 😅

Why? This establishes a single source of truth for the list of available CI/CD variables that users can configure to modify DAST scanning behavior, and it should prevent the need to update one thing in many places in the future. 🤞🏻

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

No frontend visual changes are expected, here's where we use these variables in the UI:

Screen_Recording_2025-01-10_at_19.53.18

How to set up and validate locally

frontend

  1. check out the branch and enable the feature flag:
    git checkout 509057-add-more-dast-variable-options
    echo "Feature.enable(:dast_ui_additional_variables)" | gdk rails c
  2. create a new site profile (http://gdk.test:3000/flightjs/Flight/-/security/configuration/profile_library/dast_site_profiles/new) or scanner profile (http://gdk.test:3000/flightjs/Flight/-/security/configuration/profile_library/dast_scanner_profiles/new)
  3. add Additional variables to it
  4. check to see that all of the documented variables are listed in the dropdown

documentation / tooling

  1. add a variable to ee/app/assets/javascripts/security_configuration/dast_profiles/dast_variables_metadata.json
  2. run the new check_docs rake task:
    bundle exec rake gitlab:dast_variables:check_docs
    ... it should respond with a warning:
    ##########
    #
    # 
          DAST variables documentation is outdated!
          Please update it by running `bundle exec rake gitlab:dast_variables:compile_docs`.
        
    #
    ##########
  3. run the new compile_docs rake task:
    bundle exec rake gitlab:dast_variables:compile_docs
    ... and you should see your changes reflected in doc/user/application_security/dast/browser/configuration/variables.md
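To illustrate the compile_docs / check_docs pattern described above, here is an added Ruby example (not the rake tasks from this MR): a metadata array is rendered as a Markdown table between two marker comments, and the doc counts as current only when regenerating it is a no-op. The metadata contents, marker comments and variable names are constructed placeholders.

```ruby
require 'json'

# Constructed stand-in for dast_variables_metadata.json; the names and
# descriptions are placeholders, not GitLab's real DAST variable list.
SAMPLE_METADATA_JSON = <<~JSON
  [
    {"name": "DAST_EXAMPLE_TARGET_URL", "type": "URL", "example": "https://example.com", "description": "Target to scan (placeholder)."},
    {"name": "DAST_EXAMPLE_TIMEOUT", "type": "Duration", "example": "5m", "description": "Per-page timeout (placeholder)."}
  ]
JSON

# Assumed markers delimiting the generated block inside the hand-written doc.
START_MARKER = '<!-- DAST_VARIABLES_TABLE_START -->'
END_MARKER   = '<!-- DAST_VARIABLES_TABLE_END -->'

# Render the metadata as a Markdown table. Sorting by name keeps the output
# deterministic, so check_docs does not flag a mere reordering of the JSON.
def compile_table(metadata)
  rows = metadata.sort_by { |v| v['name'] }.map do |v|
    "| `#{v['name']}` | #{v['type']} | `#{v['example']}` | #{v['description']} |"
  end
  ['| CI/CD variable | Type | Example | Description |', '|---|---|---|---|', *rows].join("\n")
end

# compile_docs: replace the block between the markers (or append one if the
# doc has none yet), leaving the surrounding prose untouched.
def compile_docs(doc, metadata)
  block = "#{START_MARKER}\n#{compile_table(metadata)}\n#{END_MARKER}"
  pattern = /#{Regexp.escape(START_MARKER)}.*?#{Regexp.escape(END_MARKER)}/m
  doc.match?(pattern) ? doc.sub(pattern, block) : "#{doc.rstrip}\n\n#{block}\n"
end

# check_docs: the doc is up to date only if regenerating it changes nothing.
def docs_outdated?(doc, metadata)
  compile_docs(doc, metadata) != doc
end

if __FILE__ == $PROGRAM_NAME
  metadata = JSON.parse(SAMPLE_METADATA_JSON)
  doc = "# DAST variables\n\nIntro prose.\n\n#{START_MARKER}\nstale\n#{END_MARKER}\n"
  if docs_outdated?(doc, metadata)
    warn 'DAST variables documentation is outdated! Run compile_docs.'
    puts compile_docs(doc, metadata)
  end
end
```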
Edited by Miranda Fluharty
