diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-18 15:06:05 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-18 15:06:05 +0000 |
commit | 5c521d1f9b1e389e2f9b2b5fccf3798159a10f8d (patch) | |
tree | 2460d9f5229b4b42b117b33584276d1040e2803c /doc/user/application_security/dast | |
parent | 6cdc0f32fabea92606c8cda040a3d0875914b906 (diff) | |
download | gitlab-ce-5c521d1f9b1e389e2f9b2b5fccf3798159a10f8d.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/application_security/dast')
-rw-r--r-- | doc/user/application_security/dast/index.md | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index e90f219337b..951c4b9dd73 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -81,8 +81,15 @@ variables: There are two ways to define the URL to be scanned by DAST: -- Set the `DAST_WEBSITE` [variable](../../../ci/yaml/README.md#variables). -- Add it in an `environment_url.txt` file at the root of your project. +1. Set the `DAST_WEBSITE` [variable](../../../ci/yaml/README.md#variables). + +1. Add it in an `environment_url.txt` file at the root of your project. + This is great for testing in dynamic environments. In order to run DAST against + an app that is dynamically created during a Gitlab CI pipeline, have the app + persist its domain in an `environment_url.txt` file, and DAST will + automatically parse that file to find its scan target. + You can see an [example](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml) + of this in our Auto DevOps CI YML. If both values are set, the `DAST_WEBSITE` value will take precedence. |