1 files changed, 10 insertions, 8 deletions

diff --git a/lib/gitlab/ci/templates/Security/DAST.latest.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.latest.gitlab-ci.yml
index b6282da18a4..6834766da3d 100644
--- a/lib/gitlab/ci/templates/Security/DAST.latest.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/DAST.latest.gitlab-ci.yml
@@ -13,12 +13,11 @@
 
 # Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/dast/
 
-# Configure the scanning tool through the environment variables.
-# List of the variables: https://docs.gitlab.com/ee/user/application_security/dast/#available-variables
-# How to set: https://docs.gitlab.com/ee/ci/yaml/#variables
+# Configure DAST with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/README.html).
+# List of available variables: https://docs.gitlab.com/ee/user/application_security/dast/#available-variables
 
 variables:
-  DAST_VERSION: 1
+  DAST_VERSION: 2
   # Setting this variable will affect all Security templates
   # (SAST, Dependency Scanning, ...)
   SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
@@ -47,10 +46,13 @@ dast:
           $REVIEW_DISABLED && $DAST_WEBSITE == null &&
           $DAST_API_SPECIFICATION == null
       when: never
-    - if: $CI_COMMIT_BRANCH &&
+    - if: $CI_MERGE_REQUEST_IID &&
           $CI_KUBERNETES_ACTIVE &&
           $GITLAB_FEATURES =~ /\bdast\b/
+    - if: $CI_MERGE_REQUEST_IID && ($DAST_WEBSITE || $DAST_API_SPECIFICATION)
+    - if: $CI_OPEN_MERGE_REQUESTS
+      when: never
     - if: $CI_COMMIT_BRANCH &&
-          $DAST_WEBSITE
-    - if: $CI_COMMIT_BRANCH &&
-          $DAST_API_SPECIFICATION
+          $CI_KUBERNETES_ACTIVE &&
+          $GITLAB_FEATURES =~ /\bdast\b/
+    - if: $CI_COMMIT_BRANCH && ($DAST_WEBSITE || $DAST_API_SPECIFICATION)