Push resolve_vulnerability_with_ai ability and FF to frontend
What does this MR do and why?
We already have these feature flags in place at the graphql layer, but we also need to push them to the frontend to allow them to show/hide UI elements based on the FF state.
The feature flags will eventually be removed, the abilities are permanent and are used to hook the UI elements into application settings and access policies.
Note on the InstanceSecurityDashboard
There is a complication where a user can add projects that span groups to this dashboard.
There are still open questions around what the business logic and UX should be around this scenario 1
As we are still developing behind a feature flag, we use a simple strategy of showing the filters if any project has the ability.
This means it is possible to filter to "vulnerabilities resolvable by duo", and then click through to a vulnerabilities detail page and discover duo is disabled in that project
The average number of projects for a dashboard in production is 4 for this dashboard (largest is ~500)
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
demo |
---|
untitled |
related to: #496463 (closed)
related to: #496332 (closed)
epic: &15036
Changelog: changed
EE: true
-
A screen recording of this behavior and further discussion is in this thread ↩