feat: Add DAST latest template supporting MR pipelines (!97886) · Merge requests · GitLab.org / GitLab

Lucas Charles requested to merge add-merge-request-pipeline-support-to-dast into master Sep 13, 2022

What does this MR do and why?

Adds *.latest.gitlab-ci.yml templates for all groupdynamic analysis categories (only Coverage Fuzzing)
Fix specs for Coverage Fuzzing which didn't test pipeline creation, only raw inclusion (9cfda04a889cf62dd4f7f327b0e6a837401c518e)
Adds support for Merge Request Pipelines to each of latest templates

This is split across multiple commits to hopefully improve readability but each file can be individually diff'd b/w the stable and latest templates to compare, as well.

For groupcomposition analysis see similar work: feat: Add SCA latest template supporting MR pip... (!97323 - merged)

See main issue #217668 (closed) for list of remaining templates

How to set up and validate locally

include:
  - template: 'Security/DAST.latest.gitlab-ci.yml'
  - template: 'Security/DAST-API.latest.gitlab-ci.yml'
  - template: 'Jobs/Coverage-Fuzzing.latest.gitlab-ci.yml'
  - template: 'Jobs/API-Fuzzing.latest.gitlab-ci.yml'

Add template to project
Push to branch, wait for pipeline to complete
Open MR to ensure new pipeline is linked to MR event
Check pipeline to ensure it's proper

Note that Category:DAST and Coverage Fuzzing require some additional configuration such as a kubernetes cluster integration, see docs for more

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Sep 16, 2022 by Lucas Charles

feat: Add DAST latest template supporting MR pipelines

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports