Enable an unsafe egress setup

Ryan Ahearn requested to merge unsafe-egress-options into main

Issue: https://github.com/GSA-TTS/rails-template/issues/167

Changes:

  • fix references to resources that moved from kebab case to snake case
  • add an enable_unsafe_worker_space setting that adds public_networks_egress to the worker space, and skips configuring the worker egress credentials service

Motivation:

Currently, the built-in DAST scanner works on our system, but only if it can directly hit the target URL. We hope to fix that eventually (or, have GitLab better support proxy env vars), but in the meantime this would allow us to configure a runner system with an unsafe_egress tag that could run DAST, and any other jobs we find that aren't compatible with the egress proxy, but leave the default behavior safe and controlled.
