Fix inconsistent future end-to-end test
What does this MR do?
Replaces the test_future_full_scan
end-to-end test with a test that runs more consistently (the author hopes!).
WebGoat has been replaced with DVWA as suggested in slack. (this also proved inconsistent).
The WebGoat test has been replaced with a simpler app, the Ajax fixture. While this is less comprehensive, it allows us to move on. The underlying cause has not been resolved, although due to the scanned resources being different it appears that the scanner takes a different route through WebGoat. This could be due to changes in the future version of DAST, or it could be inconsistency with the way WebGoat works (it's a rather strange webapp!).
The test has also been changed to use a dast-future
image by default for engineers on their local development environment, and a invoke task has been added to create the future image.
What are the relevant issue numbers?
n/a
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Job definition example -
Vendored CI Templates (also in CE)
-
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer