Show security reports summary in pipelines' Security Dashboard
- Related issue: #222374 (closed)
What does this MR do?
This removes the vulnerability and scanned resources counts from the Pipeline Security Dashboard's filters in favor of a dedicated SecurityReportsSummary
that takes care of displaying the information for each report type above the dashboard.
Note: when a given scanner detected
0
vulnerabilities, we want to show that information. However, scanners that aren't configured currently report0
vulnerabilities, which results in slightly misleading information in the summary as we can't tell non-configured scanners from the ones that didn't detect any vulnerabilities. This will be addressed in a follow-up backend issue: #223073 (closed)
How to test this?
- Enable the feature flag:
echo "Feature.enable(:pipelines_security_report_summary)" | spring rails c
- Sign-in as the
root
user - Visit a pipeline that has some security scanners setup an navigate to the Security tab
Screenshots
Summary expanded | Summary collapsed |
---|---|
Recording
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry (not required as this is behind a feature flag)
- [-] Documentation (if required) (not required as this is behind a feature flag)
-
Code review guidelines - [-] Merge request performance guidelines
-
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Paul Gascou-Vaillancourt