Merge branch '290241-DAST_API_OPENAPI-docs' into 'master'

Use DAST_API_OPENAPI in DAST docs

See merge request gitlab-org/gitlab!59765

doc/user/application_security/dast/index.md

@@ -471,7 +471,7 @@ include:
   - template: DAST.gitlab-ci.yml
 
 variables:
-  DAST_API_SPECIFICATION: http://my.api/api-specification.yml
+  DAST_API_OPENAPI: http://my.api/api-specification.yml
 ```
 
 #### Import API specification from a file
@@ -486,7 +486,7 @@ dast:
     - cp api-specification.yml /zap/wrk/api-specification.yml
   variables:
     GIT_STRATEGY: fetch
-    DAST_API_SPECIFICATION: api-specification.yml
+    DAST_API_OPENAPI: api-specification.yml
 ```
 
 #### Full API scan
@@ -522,7 +522,7 @@ include:
   - template: DAST.gitlab-ci.yml
 
 variables:
-  DAST_API_SPECIFICATION: http://api-test.host.com/api-specification.yml
+  DAST_API_OPENAPI: http://api-test.host.com/api-specification.yml
   DAST_API_HOST_OVERRIDE: api-test.host.com
 ```
 
@@ -537,7 +537,7 @@ include:
   - template: DAST.gitlab-ci.yml
 
 variables:
-  DAST_API_SPECIFICATION: http://api-test.api.com/api-specification.yml
+  DAST_API_OPENAPI: http://api-test.api.com/api-specification.yml
   DAST_REQUEST_HEADERS: "Authorization: Bearer my.token"
 ```
 
@@ -673,8 +673,9 @@ DAST can be [configured](#customizing-the-dast-settings) using CI/CD variables.
 | CI/CD variable               | Type    | Description |
 |------------------------------| --------|-------------|
 | `SECURE_ANALYZERS_PREFIX`    | URL     | Set the Docker registry base address from which to download the analyzer. |
-| `DAST_WEBSITE`               | URL     | The URL of the website to scan. `DAST_API_SPECIFICATION` must be specified if this is omitted. |
-| `DAST_API_SPECIFICATION`     | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. |
+| `DAST_WEBSITE`               | URL     | The URL of the website to scan. `DAST_API_OPENAPI` must be specified if this is omitted. |
+| `DAST_API_OPENAPI`           | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. |
+| `DAST_API_SPECIFICATION`     | URL or string | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/290241) in GitLab 13.12 and replaced by `DAST_API_OPENAPI`. To be removed in GitLab 15.0. The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. |
 | `DAST_SPIDER_START_AT_HOST`  | boolean | Set to `false` to prevent DAST from resetting the target to its host before scanning. When `true`, non-host targets `http://test.site/some_path` is reset to `http://test.site` before scan. Default: `true`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258805) in GitLab 13.6. |
 | `DAST_AUTH_URL`              | URL     | The URL of the page containing the sign-in HTML form on the target website. `DAST_USERNAME` and `DAST_PASSWORD` are submitted with the login form to create an authenticated scan. Not supported for API scans. |
 | `DAST_AUTH_VERIFICATION_URL`   | URL     | A URL only accessible to logged in users that DAST can use to confirm successful authentication. If provided, DAST will exit if it cannot access the URL. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207335) in GitLab 13.8.