Exclude automatically generated monitoring project from DAST full scan

9661e220 · Dennis Appelt · Rémy Coutable · e6ce06cf · 9661e220
Commit 9661e220 authored Oct 14, 2020 by Dennis Appelt Committed by Rémy Coutable Oct 14, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

.gitlab/ci/dast.gitlab-ci.yml .gitlab/ci/dast.gitlab-ci.yml +2 -0

No files found.
--- a/.gitlab/ci/dast.gitlab-ci.yml
+++ b/.gitlab/ci/dast.gitlab-ci.yml
@@ -28,6 +28,8 @@
    # Help pages are excluded from scan as they are static pages.
    # profile/two_factor_auth is excluded from scan to prevent 2FA from being turned on from user profile, which will reduce coverage.
    - 'export DAST_AUTH_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"'
+    # Exclude the automatically generated monitoring project from being tested due to https://gitlab.com/gitlab-org/gitlab/-/issues/260362
+    - 'DAST_AUTH_EXCLUDE_URLS="${DAST_AUTH_EXCLUDE_URLS},https://.*\.gitlab-review\.app/gitlab-instance-(administrators-)?[a-zA-Z0-9]{8}/.*"'
    - enable_rule () { read all_rules; rule=$1; echo $all_rules | sed -r "s/(,)?$rule(,)?/\1-1\2/" ; }
    # Sort ids in DAST_RULES ascendingly, which is required when using DAST_RULES as argument to enable_rule
    - 'DAST_RULES=$(echo $DAST_RULES | tr "," "\n" | sort -n | paste -sd ",")'