Commit 2074d6c7 authored by Cameron Swords, committed by Nick Thomas

Pin to the major version of DAST

parent 556a2ad1
...@@ -103,6 +103,10 @@ always take the latest DAST artifact available. Behind the scenes, the ...@@ -103,6 +103,10 @@ always take the latest DAST artifact available. Behind the scenes, the
[GitLab DAST Docker image](https://gitlab.com/gitlab-org/security-products/dast) [GitLab DAST Docker image](https://gitlab.com/gitlab-org/security-products/dast)
is used to run the tests on the specified URL and scan it for possible vulnerabilities. is used to run the tests on the specified URL and scan it for possible vulnerabilities.
By default, the DAST template will use the latest major version of the DAST Docker image. Using the `DAST_VERSION` variable,
you can choose to automatically update DAST with new features and fixes by pinning to a major version (e.g. 1), only update fixes by pinning to a minor version (e.g. 1.6) or prevent all updates by pinning to a specific version (e.g. 1.6.4).
Find the latest DAST versions on the [Releases](https://gitlab.com/gitlab-org/security-products/dast/-/releases) page.
### Authenticated scan ### Authenticated scan
It's also possible to authenticate the user before performing the DAST checks: It's also possible to authenticate the user before performing the DAST checks:
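Review bot: The added sentence "By default, the DAST template will use the latest major version of the DAST Docker image" can be read as "always the newest major release", while the template in this same commit sets `DAST_VERSION: 1`, so the default is the latest release within major version 1. Suggest wording it as "By default, the DAST template pins the DAST Docker image to major version 1". In the next added sentence, "only update fixes" should read "only receive fixes". It would also help to say where `DAST_VERSION` is set (the `variables:` block of the project's CI configuration), since the paragraph names the variable without showing how to override it.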
......
---
title: DAST vendored template pins DAST to latest major version
merge_request: 22371
author:
type: changed
...@@ -10,10 +10,13 @@ stages: ...@@ -10,10 +10,13 @@ stages:
- deploy - deploy
- dast - dast
variables:
DAST_VERSION: 1
dast: dast:
stage: dast stage: dast
image: image:
name: "registry.gitlab.com/gitlab-org/security-products/dast:$CI_SERVER_VERSION_MAJOR-$CI_SERVER_VERSION_MINOR-stable" name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
variables: variables:
# URL to scan: # URL to scan:
# DAST_WEBSITE: https://example.com/ # DAST_WEBSITE: https://example.com/
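Review bot: `DAST_VERSION: 1` in the new top-level `variables:` block makes `image: name:` resolve to a tag that moves with every 1.x release, so the scanner image a pipeline pulls can change between runs with no change to the project's CI file, and it is no longer tied to the GitLab server version the way the removed `$CI_SERVER_VERSION_MAJOR-$CI_SERVER_VERSION_MINOR-stable` tag was. Please add a comment above the variable, in the style of the existing `# URL to scan:` comment, stating that it can be overridden with a minor version (1.6) or an exact version (1.6.4) as the documentation hunk describes, so users who need reproducible scan results know the pin exists. Also consider what happens when `DAST_VERSION` is overridden with an empty value: the image reference would then end in a bare colon and the job would fail at image pull with an unhelpful error.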
......