35 lines
1.1 KiB
YAML
35 lines
1.1 KiB
YAML
include:
|
|
- template: DAST-API.gitlab-ci.yml
|
|
|
|
dast_api:
|
|
needs: ["review-deploy"]
|
|
# Uncomment resource_group if DAST_API_PROFILE is changed to an active scan
|
|
# resource_group: dast_api_scan
|
|
rules:
|
|
- when: never
|
|
|
|
dast_api_graphql:
|
|
extends: dast_api
|
|
variables:
|
|
DAST_API_GRAPHQL: /api/graphql
|
|
DAST_API_PROFILE: Passive
|
|
DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL}
|
|
DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}"
|
|
rules:
|
|
- !reference [".reports:rules:schedule-dast", rules]
|
|
#
|
|
# To run this job in an MR pipeline, use this rule:
|
|
# - !reference [".reports:rules:test-dast", rules]
|
|
|
|
dast_api_rest:
|
|
extends: dast_api
|
|
variables:
|
|
DAST_API_OPENAPI: doc/api/openapi/openapi_v2.yaml
|
|
DAST_API_PROFILE: Passive
|
|
DAST_API_TARGET_URL: ${CI_ENVIRONMENT_URL}
|
|
DAST_API_OVERRIDES_ENV: "{\"headers\":{\"Authorization\":\"Bearer $REVIEW_APPS_ROOT_TOKEN\"}}"
|
|
rules:
|
|
- !reference [".reports:rules:schedule-dast", rules]
|
|
#
|
|
# To run this job in an MR pipeline, use this rule:
|
|
# - !reference [".reports:rules:test-dast", rules]
|