Security dashboard: fix latest vulnerability count
requested to merge dpisek/query-only-confirmed-detected-states-for-latest-vulnerability-counts into master
What does this MR do and why?
Security dashboard: fix latest vulnerability count
This commit fixes an issue where the security dashboard would show the latest vulnerability count for all states, including resolved ones.
It does so by adding a filter to the related query to only show "confirmed" and "detected" vulnerabilities.
Screenshots or screen recordings
| Before | After |
|---|---|
 |
 |
How to set up and validate locally
Prerequisites
- You need an EE license
- You need to have runners enabled (See $2408961 for setting up a runner)
- Import https://gitlab.com/gitlab-examples/security/security-reports
- Run pipeline on master
Validate
- Go to "Secure" -> "Security Dashboard"
- Verify that the graph is flat, especially the latest data point
- Open a second tab and navigate to "Secure" -> "Vulnerability Report"
- Make sure only the default status filters ("Needs triage" and "Confirmed" are selected)
- Verify that the vulnerability count matches the one for today's data on the security dashboard
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #429892 (closed)
Edited by David Pisek