diff options
author | Avielle Wolfe <awolfe@gitlab.com> | 2019-09-12 18:45:23 -0400 |
---|---|---|
committer | Avielle Wolfe <awolfe@gitlab.com> | 2019-09-12 18:47:05 -0400 |
commit | dc920b4873098f2de8f3ee489c87178674caec24 (patch) | |
tree | 7d2de00a22d29bdc469d474cba2caab977825bda | |
parent | d10e7245793f934a73fd3b4394461ca951ba0f90 (diff) | |
download | gitlab-ce-add-docs-for-dast-domain-validation.tar.gz |
Add example using templateadd-docs-for-dast-domain-validation
Since this is what a lot of folks will be doing
-rw-r--r-- | doc/user/application_security/dast/index.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index f93e0c3c9d2..74a7ea3d0ec 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -136,6 +136,15 @@ variables: Domain validation is not required by default. It can be required by setting the [environment variable](#available-variables) `DAST_FULL_SCAN_DOMAIN_VALIDATION_REQUIRED` to true. +```yaml +include: + template: DAST.gitlab-ci.yml + +variables: + DAST_FULL_SCAN_ENABLED: "true" + DAST_FULL_SCAN_DOMAIN_VALIDATION_REQUIRED: "true" +``` + Since ZAP full scan actively attacks the target application, DAST sends a ping to the target (normally defined in `DAST_WEBSITE` or `environment_url.txt`) beforehand. If `DAST_FULL_SCAN_DOMAIN_VALIDATION_REQUIRED` is false or unset, the scan will _proceed_ unless the response to the ping |