include:
  - template: DAST-API.gitlab-ci.yml

dast_api:
  variables:
    DAST_API_PROFILE: Passive
    DAST_API_GRAPHQL: /api/graphql
    DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL}
    DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}"
  needs: ["review-deploy"]
  # Uncomment resource_group if DAST_API_PROFILE is changed to an active scan
  # resource_group: dast_api_scan
  rules:
    - !reference [".reports:rules:schedule-dast", rules]