BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
0c9f2bb9
Unverified
Commit
0c9f2bb9
authored
Jan 15, 2018
by
Achilleas Pipinellis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add DAST to Auto DevOps docs
parent
19df9c7e
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
34 additions
and
3 deletions
+34
-3
index.md
doc/topics/autodevops/index.md
+34
-3
No files found.
doc/topics/autodevops/index.md
View file @
0c9f2bb9
...
...
@@ -20,6 +20,8 @@ project in an easy and automatic way:
1.
[
Auto Test
](
#auto-test
)
1.
[
Auto Code Quality
](
#auto-code-quality
)
1.
[
Auto SAST (Static Application Security Testing)
](
#auto-sast
)
1.
[
Auto SAST for Docker images
](
#auto-sast-for-docker-images
)
1.
[
Auto DAST (Dynamic Application Security Testing)
](
#auto-dast
)
1.
[
Auto Browser Performance Testing
](
#auto-browser-performance-testing
)
1.
[
Auto Review Apps
](
#auto-review-apps
)
1.
[
Auto Deploy
](
#auto-deploy
)
...
...
@@ -193,8 +195,10 @@ Auto Code Quality uses the open source
[
`codeclimate` image
](
https://hub.docker.com/r/codeclimate/codeclimate/
)
to run
static analysis and other code checks on the current code. The report is
created, and is uploaded as an artifact which you can later download and check
out. In GitLab Enterprise Edition Starter, differences between the source and
target branches are
out.
In GitLab Enterprise Edition Starter, differences between the source and
target branches are also
[
shown in the merge request widget
](
https://docs.gitlab.com/ee/user/project/merge_requests/code_quality_diff.html
)
.
### Auto SAST
...
...
@@ -207,7 +211,34 @@ analysis on the current code and checks for potential security issues. Once the
report is created, it's uploaded as an artifact which you can later download and
check out.
Any security warnings are also
[
shown in the merge request widget
](
https://docs.gitlab.com/ee/user/project/merge_requests/sast.html
)
.
In GitLab Enterprise Edition Ultimate, any security warnings are also
[
shown in the merge request widget
](
https://docs.gitlab.com/ee/user/project/merge_requests/sast.html
)
.
### Auto SAST for Docker images
> Introduced in GitLab 10.4.
Vulnerability Static Analysis for containers uses
[
Clair
](
https://github.com/coreos/clair
)
to run static analysis on a
Docker image and checks for potential security issues. Once the report is
created, it's uploaded as an artifact which you can later download and
check out.
In GitLab Enterprise Edition Ultimate, any security warnings are also
[
shown in the merge request widget
](
https://docs.gitlab.com/ee/user/project/merge_requests/sast_docker.html
)
.
### Auto DAST
> Introduced in [GitLab Enterprise Edition Ultimate][ee] 10.4.
Dynamic Application Security Testing (DAST) uses the
popular open source tool
[
OWASP ZAProxy
](
https://github.com/zaproxy/zaproxy
)
to perform an analysis on the current code and checks for potential security
issues. Once the report is created, it's uploaded as an artifact which you can
later download and check out.
In GitLab Enterprise Edition Ultimate, any security warnings are also
[
shown in the merge request widget
](
https://docs.gitlab.com/ee/user/project/merge_requests/dast.html
)
.
### Auto Browser Performance Testing
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment