Vulnerability report shows empty state if there are no pipelines
Why are we doing this work
With the introduction of Starboard Vulnerabilities and Manually Created Vulnerabilities, it is now possible for projects to have vulnerabilities even if those projects do not have any pipelines. The vulnerability report has an isDashboardConfigured
check which will show an empty state if there is no pipeline data. We should change this so that it will show vulnerabilities created via API, even if there are no pipelines.
See !69022 (comment 665221777) for more info.
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
-
frontend Update https://gitlab.com/gitlab-org/gitlab/-/blob/40a9508caf82e52f5760e2d2f1fefe7ad15dc09e/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_report.vue#L104 and make sure to return true
for projects. -
frontend When there are no vulnerabilities, make sure to skip vulnerabilitySeveritiesCount
andvulnerabilities
queries. That will prevent unnecessary calls.
Edited by Savas Vedova