Clarify that a stage has to be added to run DAST in .gitlab-ci.yml

Problem

stages:
  - build
  - test
  - deploy
  - dast

from our DAST latest template, so as to not be overly prescriptive as to when the DAST scan runs.

However as a consequence if a user followed our documentation in step 2 and only added

include:
  - template: DAST.latest.gitlab-ci.yml

variables:
  DAST_WEBSITE: https://example.com

then they will get a lint error, that says

dast job: chosen stage does not exist; available stages are .pre, build, test, deploy, .post.

By removing the stages from the DAST template, we unintentionally added a step for customers to setup. They must now ensure that they add a stages keyword into their yaml AND add a dast stage.

Solution

Update our documentation to specify that dast stage must be added to a customers .gitlab-ci.yml file. We already reference the stages keyword in the documentation but are not explicit that customers need to define it. Customers did not previously need to define it if they relied on the 5 default gitlab stages .pre, build, test, deploy, post.
Put out a blog post of this breaking change, since in 14.0 we plan to move the contents of DAST.latest.gitab-ci.yml to DAST.gitlab-ci.yml
Add a comment to the DAST template: #326053 (comment 539895889)

Edited Apr 15, 2021 by Avielle Wolfe