# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.latest.gitlab-ci.yml

# Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/api_fuzzing/
#
# Configure API fuzzing with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html).
# List of available variables: https://docs.gitlab.com/ee/user/application_security/api_fuzzing/#available-cicd-variables

variables:
    FUZZAPI_VERSION: "1"
    SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
    FUZZAPI_IMAGE: ${SECURE_ANALYZERS_PREFIX}/api-fuzzing:${FUZZAPI_VERSION}

apifuzzer_fuzz:
    stage: fuzz
    image: $FUZZAPI_IMAGE
    allow_failure: true
    rules:
        - if: $API_FUZZING_DISABLED
          when: never
        - if: $API_FUZZING_DISABLED_FOR_DEFAULT_BRANCH &&
                $CI_DEFAULT_BRANCH == $CI_COMMIT_REF_NAME
          when: never
        - if: $CI_COMMIT_BRANCH
    script:
        - /peach/analyzer-fuzz-api
    artifacts:
        when: always
        paths:
            - gl-assets
            - gl-api-fuzzing-report.json
            - gl-*.log
        reports:
            api_fuzzing: gl-api-fuzzing-report.json

# end