1# To contribute improvements to CI/CD templates, please follow the Development guide at: 2# https://docs.gitlab.com/ee/development/cicd/templates.html 3# This specific template is located at: 4# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.latest.gitlab-ci.yml 5 6# Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/api_fuzzing/ 7# 8# Configure API fuzzing with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html). 9# List of available variables: https://docs.gitlab.com/ee/user/application_security/api_fuzzing/#available-cicd-variables 10 11variables: 12 FUZZAPI_VERSION: "1" 13 SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers" 14 FUZZAPI_IMAGE: api-fuzzing 15 16apifuzzer_fuzz: 17 stage: fuzz 18 image: $SECURE_ANALYZERS_PREFIX/$FUZZAPI_IMAGE:$FUZZAPI_VERSION 19 allow_failure: true 20 rules: 21 - if: $API_FUZZING_DISABLED 22 when: never 23 - if: $API_FUZZING_DISABLED_FOR_DEFAULT_BRANCH && 24 $CI_DEFAULT_BRANCH == $CI_COMMIT_REF_NAME 25 when: never 26 - if: $CI_COMMIT_BRANCH 27 script: 28 - /peach/analyzer-fuzz-api 29 artifacts: 30 when: always 31 paths: 32 - gl-assets 33 - gl-api-fuzzing-report.json 34 - gl-*.log 35 reports: 36 api_fuzzing: gl-api-fuzzing-report.json 37 38# end 39