Skip to content

Remove scanned_resources_count from security scan

Craig Smith requested to merge remove_scanned_resources_from_mr_api_231424 into master

What does this MR do?

This MR relates to #231424 (closed)

Currently the DAST report endpoint /namespace/project/-/merge_requests/5/dast_reports returns the scanned resources count and the URL to the job log. They were initially used to show the scanned resources count for DAST jobs in the MR widget but have been replaced by the securityReportSummary GraphQL endpoint.

This MR removes scanned_resources_count and job_path from the dast_reports endpoint. The column scanned_resources_count on Security::Scan will be removed in a subsequent MR.

{
    "base_report_created_at": "2020-03-10T23:34:50.571Z",
    "base_report_out_of_date": true,
    "head_report_created_at": "2020-05-26T03:31:22.097Z",
    "added": [],
    "fixed": [],
    "existing": [],
-   "scans": [
-       {
-           "scanned_resources_count": 14,
-           "job_path": "/craigmsmith/craigmsmith-railsgoat-example/-/jobs/567061221"
-       },
-       {
-           "scanned_resources_count": 14,
-           "job_path": "/craigmsmith/craigmsmith-railsgoat-example/-/jobs/566994377"
-       },
-       {
-           "scanned_resources_count": 14,
-           "job_path": "/craigmsmith/craigmsmith-railsgoat-example/-/jobs/538036908"
-       }
-   ]
}

Screenshots

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Craig Smith

Merge request reports

Loading