Move dependency scanning reports to mr widget backend
What does this MR do?
Exposes new endpoint for in merge request controller to compare DS (dependency scanning) reports between master and branch. Output of the comparison will looks like following
Related issue
https://gitlab.com/gitlab-org/gitlab-ee/issues/13389
Overall Class Structure
Does this MR meet the acceptance criteria?
-
Checkout this branch and run gdk -
have project with dependency scanning(you can import our test project to your local instance -
Enable container scanning and make sure to generate container scanning report with master branch -
Create an mr for the project that you imported (with new dependency introduced) -
hit http://<local_instance>/gitlab-org/ruby-bundler/merge_requests/<mr_number>/dependency_scanning_reports.json -
Dependency scanning reports should be listed -
Go to any merge request page and write window.gl.mrWidgetData.dependency_scanning_comparsion_pathto js console in your browser it should show end point that you can hit to get comparison report.
Conformity
-
Changelog entry -
Documentation created/updated or follow-up review issue created -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Performance and testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec -
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Can Eldem