[go: up one dir, main page]
Skip to content

Draft: Resolve "Select Runner tags for DAST on demand site profile validation"

Miki Amosrequested to merge
555071-select-runner-tags-for-dast-on-demand-site-profile-validation into master

What does this MR do and why?

This merge request adds support for associating CI runner tags with DAST (Dynamic Application Security Testing) site validations.

The main changes include:

  1. New database table: Creates a site_validation_tags table that connects DAST site validations with CI runner tags, allowing users to specify which runners should handle security validation jobs.

  2. Enhanced API: Updates the GraphQL mutation for creating site validations to accept an optional tag_list parameter, so users can specify runner tags when setting up security scans.

  3. Model relationships: Adds the necessary database relationships so that site validations can be linked to multiple tags, and includes validation to prevent duplicate tag assignments.

  4. Service updates: Modifies the validation creation service to handle tag assignments and validates that all specified tags exist before creating the validation.

  5. CI configuration: Updates the runner service to include the specified tags in the CI configuration, ensuring validation jobs run on the correct runners.

The feature allows teams to control which specific CI runners handle their security validation tasks, which is useful for organizations that need validations to run on runners with specific capabilities or in particular environments.

References

Screenshots or screen recordings

Before After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #555071 (closed)

Edited by Miki Amos

Merge request reports