Skip to content

Sec finding modal: render container scanning info

What does this MR do and why?

Adds the "image" and "operatingSystem" fields to the security finding modal. They are currently not rendered in the UI.

Screenshots or screen recordings

Before After
Screenshot_2023-07-19_at_4.43.49_pm Screenshot_2023-07-19_at_4.42.30_pm

How to set up and validate locally

  1. Clone https://gitlab.com/gitlab-examples/security/security-reports.git.
  2. Run a pipeline on master
  3. To the pipelines security report
  4. Filter for "Container Scanning"
  5. Click on a finding (e.g.: CVE-2022-27775 in curl-7.79.1-1.amzn2.0.1)
  6. Verify that the Location section is rendering and includes the image and namespace fields

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #419147 (closed)

Edited by David Pisek

Merge request reports

Loading