authorTiger Watson <twatson@gitlab.com>2019-04-06 19:02:04 +0300
committerKamil TrzciƄski <ayufan@ayufan.eu>2019-04-06 19:02:04 +0300
commitf92438b87818fba3a5d22dacc6cb6648b45ed87d (patch)
treedcd96a65d42b3bc10259061daa3e157ac6d7c9bf /lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
parent7a7c131f7bb69e398a6e2079c11c55bddd8e2bc8 (diff)
Restore original Security/DAST.gitlab-ci.yml
Reverts https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26520 for Security/DAST.gitlab-ci.yml.
Diffstat (limited to 'lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml')
-rw-r--r--lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml51
1 files changed, 44 insertions, 7 deletions
diff --git a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
index 770340de16f..2a90cc9a06c 100644
--- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
@@ -4,12 +4,6 @@
# List of the variables: https://gitlab.com/gitlab-org/security-products/dast#settings
# How to set: https://docs.gitlab.com/ee/ci/yaml/#variables
-include:
- - template: Jobs/DAST.gitlab-ci.yml
-
-variables:
- DAST_WEBSITE: http://example.com # Please edit to be your website to scan for vulnerabilities
-
stages:
- build
- test
@@ -17,10 +11,53 @@ stages:
- dast
dast:
+ stage: dast
+ image: docker:stable
+ variables:
+ DOCKER_DRIVER: overlay2
+ allow_failure: true
+ services:
+ - docker:stable-dind
+ script:
+ - export DAST_WEBSITE=${DAST_WEBSITE:-$(cat environment_url.txt)}
+ - export DAST_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')}
+ - |
+ if ! docker info &>/dev/null; then
+ if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then
+ export DOCKER_HOST='tcp://localhost:2375'
+ fi
+ fi
+ - |
+ function dast_run() {
+ docker run \
+ --env DAST_TARGET_AVAILABILITY_TIMEOUT \
+ --volume "$PWD:/output" \
+ --volume /var/run/docker.sock:/var/run/docker.sock \
+ -w /output \
+ "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" \
+ /analyze -t $DAST_WEBSITE \
+ "$@"
+ }
+ - |
+ if [ -n "$DAST_AUTH_URL" ]
+ then
+ dast_run \
+ --auth-url $DAST_AUTH_URL \
+ --auth-username $DAST_USERNAME \
+ --auth-password $DAST_PASSWORD \
+ --auth-username-field $DAST_USERNAME_FIELD \
+ --auth-password-field $DAST_PASSWORD_FIELD
+ else
+ dast_run
+ fi
+ artifacts:
+ reports:
+ dast: gl-dast-report.json
only:
refs:
- branches
+ variables:
+ - $GITLAB_FEATURES =~ /\bdast\b/
except:
- refs: [] # Override default from template
variables:
- $DAST_DISABLED
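Review bot: The URL and credential variables in the restored `script:` are expanded unquoted (`-t $DAST_WEBSITE`, `--auth-password $DAST_PASSWORD` and the other `--auth-*` arguments), so a value containing whitespace or glob characters is split or expanded by the shell before it reaches `docker run`, and an empty `DAST_WEBSITE` (for example when `environment_url.txt` is missing) lets `-t` take the next argument as its target. Quote each expansion, e.g. `/analyze -t "$DAST_WEBSITE" \` and `--auth-password "$DAST_PASSWORD" \`. Passing the password as an argument also places it on the `docker run` command line; if the dast image can read it from the environment (not visible in this hunk), forwarding it with `--env DAST_PASSWORD`, as is already done for `DAST_TARGET_AVAILABILITY_TIMEOUT`, would keep it out of argv. Separately, `--volume /var/run/docker.sock:/var/run/docker.sock` gives the scanner container control of the Docker daemon; add a comment stating why the analyzer needs it, or drop the mount if it does not.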