Enabling the analyzer
To run a DAST scan:
- Read the requirements for running a DAST scan.
- Create a DAST job in your CI/CD pipeline.
- Authenticate as a user if your application requires it.
The DAST job runs in a Docker container defined by the image keyword in the DAST CI/CD template file.
When you run the job, DAST connects to the target application specified by the DAST_TARGET_URL variable and crawls the site using an embedded browser.
Create a DAST CI/CD job
To add DAST scanning to your application, use the DAST job defined in the GitLab DAST CI/CD template file. Updates to the template are provided with GitLab upgrades, allowing you to benefit from any improvements and additions.
To create the CI/CD job:
- Include the appropriate CI/CD template:
  - DAST.gitlab-ci.yml: Stable version of the DAST CI/CD template.
  - DAST.latest.gitlab-ci.yml: Latest version of the DAST template.
  The latest version of the template may include breaking changes. Use the stable template unless you need a feature provided only in the latest template.
  For more information about template versioning, see the CI/CD documentation.
- Add a dast stage to your GitLab CI/CD stages configuration.
- Define the URL to be scanned by DAST by using one of these methods:
  - Set the DAST_TARGET_URL CI/CD variable. If set, this value takes precedence.
  - Adding the URL in an environment_url.txt file at your project’s root is great for testing in dynamic environments. To run DAST against an application dynamically created during a GitLab CI/CD pipeline, write the application URL to an environment_url.txt file. DAST automatically reads the URL to find the scan target. You can see an example of this in our Auto DevOps CI YAML.
For example:

    stages:
      - dast

    include:
      - template: Security/DAST.gitlab-ci.yml

    dast:
      variables:
        # URL of the application to scan
        DAST_TARGET_URL: "https://example.com"
        # User to authenticate as, and the selectors of the login form fields
        DAST_AUTH_USERNAME: "test_user"
        DAST_AUTH_USERNAME_FIELD: "name:user[login]"
        DAST_AUTH_PASSWORD_FIELD: "name:user[password]"
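
The environment_url.txt method described above, as an added example that is not part of the GitLab documentation: a deploy job writes the URL of the environment it created to the file and publishes it as a job artifact, and the dast job reads it because DAST_TARGET_URL is left unset. The job name deploy_review, the script ./deploy-review.sh and the review.example.com domain are placeholders, and passing the file to the dast job as an artifact is an assumption about how it reaches the project root.

```yaml
stages:
  - deploy
  - dast

include:
  - template: Security/DAST.gitlab-ci.yml

# Hypothetical job standing in for whatever creates the dynamic environment.
deploy_review:
  stage: deploy
  script:
    # Placeholder for your own deployment step.
    - ./deploy-review.sh
    # Record the URL of the environment that was just created.
    # CI_COMMIT_REF_SLUG is a predefined CI/CD variable; the domain is a placeholder.
    - echo "https://${CI_COMMIT_REF_SLUG}.review.example.com" > environment_url.txt
  artifacts:
    # Jobs in later stages download artifacts from earlier stages by default,
    # so the file is present at the project root when the dast job starts.
    paths:
      - environment_url.txt

dast:
  variables:
    # DAST_TARGET_URL is intentionally not set here: if it were,
    # it would take precedence over environment_url.txt.
    DAST_AUTH_USERNAME: "test_user"
    DAST_AUTH_USERNAME_FIELD: "name:user[login]"
    DAST_AUTH_PASSWORD_FIELD: "name:user[password]"
```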