diff options
Diffstat (limited to 'lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml')
-rw-r--r-- | lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml index 792bd7f666b..f10011ab23b 100644 --- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml @@ -26,11 +26,12 @@ variables: # Setting this variable will affect all Security templates # (SAST, Dependency Scanning, ...) SECURE_ANALYZERS_PREFIX: "$CI_TEMPLATE_REGISTRY_HOST/security-products" + DAST_IMAGE_SUFFIX: "" dast: stage: dast image: - name: "$SECURE_ANALYZERS_PREFIX/dast:$DAST_VERSION" + name: "$SECURE_ANALYZERS_PREFIX/dast:$DAST_VERSION$DAST_IMAGE_SUFFIX" variables: GIT_STRATEGY: none allow_failure: true @@ -57,6 +58,11 @@ dast: $REVIEW_DISABLED == '1' when: never - if: $CI_COMMIT_BRANCH && + $CI_GITLAB_FIPS_MODE == "true" && + $GITLAB_FEATURES =~ /\bdast\b/ + variables: + DAST_IMAGE_SUFFIX: "-fips" + - if: $CI_COMMIT_BRANCH && $GITLAB_FEATURES =~ /\bdast\b/ after_script: # Remove any debug.log files because they might contain secrets. |