Expose additional scanner data in HAML
The scanner data is injected via the data attributes on HAML.
# ee/app/helpers/ee/projects_helper.rb
scanners: VulnerabilityScanners::ListService.new(project).execute.to_json,
This is a sample of the scanners data output:
// scanners
[
{"id":545,"vendor":"GitLab","report_type":"SAST"},
{"id":546,"vendor":"GitLab","report_type":"SAST"},
{"id":541,"vendor":"GitLab","report_type":"DEPENDENCY_SCANNING"},
{"id":548,"vendor":"GitLab","report_type":"API_FUZZING"},
{"id":557,"vendor":"GitLab","report_type":"SECRET_DETECTION"},
{"id":547,"vendor":"GitLab","report_type":"COVERAGE_FUZZING"},
{"id":558,"vendor":"SamScan","report_type":"SAST"},
{"id":543,"vendor":"GitLab","report_type":"CLUSTER_IMAGE_SCANNING"},
{"id":542,"vendor":"GitLab","report_type":"CONTAINER_SCANNING"},
{"id":544,"vendor":"GitLab","report_type":"DAST"}
]
Implementation
Make the new data available, so it can be used for the new project tool filter dropdown:
// ee/app/services/vulnerability_scanners/list_service.rb
module VulnerabilityScanners
{
id: scanner.id,
vendor: scanner.vendor,
+ report_type: ::Enums::Vulnerability.report_types.key(scanner.report_type).upcase,
+ name: scanner.name,
+ external_id: scanner.external_id
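Review bot: The added report_type line calls .upcase directly on the result of report_types.key(scanner.report_type), and key returns nil when the scanner's report_type has no matching entry, so a single unexpected value would raise NoMethodError and break the whole scanners list for the page. Consider safe navigation (&.upcase) or skipping such scanners explicitly. Also, name and external_id are now serialized into the page's data attributes for every viewer regardless of the feature flag, so the spec for ListService should cover the three new keys and the front end should treat name and external_id as plain text when rendering them.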
Note: Probably okay to make the data available without a FF conditional check. The FF-off state can just simply ignore this data. But please double-check this.
Resources
Edited by Samantha Ming