# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Dast-API.gitlab-ci.yml

# To use this template, add the following to your .gitlab-ci.yml file:
#
# include:
#   template: DAST-API.latest.gitlab-ci.yml
#
# You also need to add a `dast` stage to your `stages:` configuration. A sample configuration for DAST API:
#
# stages:
#   - build
#   - test
#   - deploy
#   - dast

# Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/dast_api/index.html

# Configure DAST API scanning with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html).
# List of available variables: https://docs.gitlab.com/ee/user/application_security/dast_api/index.html#available-cicd-variables

variables:
  # Setting this variable affects all Security templates
  # (SAST, Dependency Scanning, ...).
  # It is the registry path the analyzer image is pulled from, so whoever can
  # override it (project, group or instance CI/CD variables) decides which
  # image runs in this job. Point it only at a registry you trust or mirror.
  SECURE_ANALYZERS_PREFIX: 'registry.gitlab.com/gitlab-org/security-products/analyzers'
  # Image tag and image name; together with the prefix above they form the
  # `image:` reference of the dast_api job.
  # NOTE(review): "1" looks like a floating major-version tag, so the image
  # content may change between runs. Confirm, and pin a more specific tag or
  # a digest if reproducible scans are required.
  DAST_API_VERSION: '1'
  DAST_API_IMAGE: 'api-fuzzing'

dast_api:
  stage: dast
  # Resolved from the three variables above at pipeline time.
  image: '$SECURE_ANALYZERS_PREFIX/$DAST_API_IMAGE:$DAST_API_VERSION'
  # A failing scan job does not fail the pipeline, so the status of this job
  # alone is not a merge or deploy gate.
  allow_failure: true
  rules:
    # `if: $VAR` matches whenever the variable is defined and non-empty, so
    # any value (including "false" or "0") switches the scan off.
    - if: $DAST_API_DISABLED
      when: never
    # Same truthiness rule as above: skip the scan on the default branch only.
    - if: >-
        $DAST_API_DISABLED_FOR_DEFAULT_BRANCH &&
        $CI_DEFAULT_BRANCH == $CI_COMMIT_REF_NAME
      when: never
    # Otherwise run in branch pipelines; CI_COMMIT_BRANCH is not set in tag
    # or merge request pipelines, so those are not scanned by this job.
    - if: $CI_COMMIT_BRANCH
  script:
    # Analyzer entry point shipped inside the image.
    - /peach/analyzer-dast-api
  artifacts:
    # Uploaded even when the job fails, so logs stay available for triage.
    # NOTE(review): scanner logs and assets may include request/response data
    # from the tested API (tokens, credentials). Confirm, and restrict who can
    # download job artifacts accordingly.
    when: always
    paths:
      - gl-assets
      - gl-dast-api-report.json
      - 'gl-*.log'
    reports:
      # Registers the JSON file as the job's DAST report.
      dast: gl-dast-api-report.json