blob: 4d35a2820376d8f2ac63865287634bff9e803663 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
include:
- template: DAST-API.gitlab-ci.yml
dast_api:
needs: ["review-deploy"]
# Uncomment resource_group if DAST_API_PROFILE is changed to an active scan
# resource_group: dast_api_scan
rules:
- when: never
dast_api_graphql:
extends: dast_api
variables:
DAST_API_GRAPHQL: /api/graphql
DAST_API_PROFILE: Passive
DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL}
DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}"
rules:
- !reference [".reports:rules:schedule-dast", rules]
#
# To run this job in an MR pipeline, use this rule:
# - !reference [".reports:rules:test-dast", rules]
dast_api_rest:
extends: dast_api
variables:
DAST_API_OPENAPI: doc/api/openapi/openapi_v2.yaml
DAST_API_PROFILE: Passive
DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL}
DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}"
rules:
- !reference [".reports:rules:schedule-dast", rules]
#
# To run this job in an MR pipeline, use this rule:
# - !reference [".reports:rules:test-dast", rules]
|
