Make DAST more easily extendable (!70138) · Merge requests · GitLab.org / GitLab

Craig Smith requested to merge craigmsmith_make_dast_reusable_340420 into master Sep 13, 2021

What does this MR do and why?

To allow DAST users to more easily create their own custom DAST jobs, this MR moves some of the DAST configurations to a reusable section name .dast_base in both the current dast template DAST.gitlab-ci.yml and test latest version DAST.latest.gitlab-ci.yml

These changes should have no effect on how the DAST template is currently used.

Related Issue

#340420

Manual QA

Template

To allow the DAST scan to run for both of these templates, I've added the dast stage and a target website to variables. These would normally be added after the user includes the template.

stages:
    - dast

variables:
  DAST_WEBSITE: https://google-gruyere.appspot.com/564959828417281418006207909483102970029/`

`DAST.gitlab-ci.yml`

project
pipeline
job

`DAST.latest.gitlab-ci.yml`

project
pipeline
job

Edited Sep 17, 2021 by Craig Smith

Make DAST more easily extendable

What does this MR do and why?

Related Issue

Manual QA

Template

DAST.gitlab-ci.yml

DAST.latest.gitlab-ci.yml

Merge request reports

`DAST.gitlab-ci.yml`

`DAST.latest.gitlab-ci.yml`