Create resolve vulnerability button UI
What does this MR do and why?
This MR introduces the UI only for the "Resolve with AI" button. This only applies to "SAST" vulnerabilities.
MR | Changes |
---|---|
This MR | Introduce the "Resolve with AI" UI button |
tbd | Handle onClick of the "Resolve with AI" button |
Note: The button won't do anything when clicked, that will be handled in the next MR
Screenshots or screen recordings
Split Button | Single Button | Not SAST (no button) |
---|---|---|
How to set up and validate locally
- Have the related FF enabled:
echo "Feature.enable(:resolve_vulnerability_ai)" | rails c
- In order to run a pipeline to generate a Vulnerability report, you'll need an EE license.
- Fork https://gitlab.com/gitlab-org/govern/demos/sandbox/minac/test-remediations (for the split button)
- Fork https://gitlab.com/gitlab-org/security-products/tests/webgoat.net (for the solo button)
- Fork https://gitlab.com/gitlab-examples/security/security-reports (no button)
- Run a pipeline against the default branch. It will generate vulnerabilities.
- Go to the project vulnerability report page
- Click on the SAST vulnerability
- You will see the "Resolve with AI" button
- When you click on a non SAST vulnerability, there will be no "Resolve with AI" button
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #430888 (closed)
Edited by Samantha Ming