Document _IMAGE_SUFFIX variable for API Security

8d00ab6f · Michael Eddington · Russell Dickenson · 7f11b5b8 · 8d00ab6f · 8d00ab6f
Commit 8d00ab6f authored Apr 18, 2022 by Michael Eddington Committed by Russell Dickenson Apr 18, 2022
Showing with 7 additions and 4 deletions

doc/user/application_security/api_fuzzing/index.md doc/user/application_security/api_fuzzing/index.md +4 -3

doc/user/application_security/dast_api/index.md doc/user/application_security/dast_api/index.md +3 -1

No files found.
--- a/doc/user/application_security/api_fuzzing/index.md
+++ b/doc/user/application_security/api_fuzzing/index.md
@@ -586,7 +586,8 @@ profile increases as the number of tests increases.
 | CI/CD variable                                              | Description |
 |-------------------------------------------------------------|-------------|
 | `SECURE_ANALYZERS_PREFIX`                                   | Specify the Docker registry base address from which to download the analyzer. |
-| `FUZZAPI_VERSION`                                           | Specify API Fuzzing container version. Defaults to `latest`. |
+| `FUZZAPI_VERSION`                                           | Specify API Fuzzing container version. Defaults to `1`. |
+| `FUZZAPI_IMAGE_SUFFIX`                                      | Specify a container image suffix. Defaults to none. |
 | `FUZZAPI_TARGET_URL`                                        | Base URL of API testing target. |
 | `FUZZAPI_CONFIG`                                            | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/276395) in GitLab 13.12, replaced with default `.gitlab/gitlab-api-fuzzing-config.yml`. API Fuzzing configuration file. |
 |[`FUZZAPI_PROFILE`](#api-fuzzing-profiles)                   | Configuration profile to use during testing. Defaults to `Quick-10`. |
@@ -920,7 +921,7 @@ def get_auth_response():
 # In our example, access token is retrieved from a given endpoint
 try:

-    # Performs a http request, response sample: 
+    # Performs a http request, response sample:
    # { "Token" : "b5638ae7-6e77-4585-b035-7d9de2e3f6b3" }
    response = get_auth_response()

@@ -950,7 +951,7 @@ except Exception as e:
    logging.error(f'Error, unknown error while retrieving access token. Error message: {e}')
    raise

-# computes object that holds overrides file content. 
+# computes object that holds overrides file content.
 # It uses data fetched from request
 overrides_data = {
    "headers": {

--- a/doc/user/application_security/dast_api/index.md
+++ b/doc/user/application_security/dast_api/index.md
@@ -537,7 +537,9 @@ can be added, removed, and modified by creating a custom configuration.

 | CI/CD variable                                       | Description        |
 |------------------------------------------------------|--------------------|
-| `DAST_API_VERSION`                                    | Specify DAST API container version. Defaults to `latest`. |
+| `SECURE_ANALYZERS_PREFIX`                            | Specify the Docker registry base address from which to download the analyzer. |
+| `DAST_API_VERSION`                                   | Specify DAST API container version. Defaults to `1`. |
+| `DAST_API_IMAGE_SUFFIX`                              | Specify a container image suffix. Defaults to none. |
 | `DAST_API_TARGET_URL`                                 | Base URL of API testing target. |
 |[`DAST_API_CONFIG`](#configuration-files)              | DAST API configuration file. Defaults to `.gitlab-dast-api.yml`. |
 |[`DAST_API_PROFILE`](#configuration-files)             | Configuration profile to use during testing. Defaults to `Quick`. |