Set GIT_STRATEGY to none by default

as the projects repository is not required to run DAST

Set GIT_STRATEGY to none by default
as the projects repository is not required to run DAST
071b0b6d · Craig Smith · 471b9888 · 071b0b6d · 071b0b6d · 071b0b6d
Commit 071b0b6d authored Feb 17, 2020 by Craig Smith
3 changed files
--- a/changelogs/unreleased/10429_set_dast_default_git_strategy_to_none.yml
+++ b/changelogs/unreleased/10429_set_dast_default_git_strategy_to_none.yml
+---
+title: Project repositories are no longer cloned by default when running DAST
+merge_request: 25320
+author:
+type: performance
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -351,6 +351,11 @@ dast:
    - /analyze -z"-config replacer.full_list\(0\).description=auth -config replacer.full_list\(0\).enabled=true -config replacer.full_list\(0\).matchtype=REQ_HEADER -config replacer.full_list\(0\).matchstr=Authorization -config replacer.full_list\(0\).regex=false -config replacer.full_list\(0\).replacement=TOKEN" -t $DAST_WEBSITE
 ```
+### Cloning the project's repository
+The DAST job does not require the project's repository to be present when running, so by default
+[`GIT_STRATEGY`](../../../ci/yaml/README.md#git-strategy) is set to `none`.
 ## Reports
 The DAST job can emit various reports.

--- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
@@ -18,6 +18,7 @@ dast:
  image:
    name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
  variables:
+    GIT_STRATEGY: none
  # URL to scan:
  # DAST_WEBSITE: https://example.com/
  #