Skip to content

Move backend documentation paths to frontend for vulnerability report

This MR moves all documentation paths for the vulnerability report components, from backend Ruby helper files to the frontend using the helpPagePath helper.

We have 4 different report levels (project, group, instance, and pipeline) that each use a different Ruby helper, but use the same frontend components. If we want to change the documentation path, previously we needed to change it in each Ruby helper. This was non-trivial because you needed to know which helpers need to be changed and how the data gets passed to the frontend. With this MR, there's now only one place where the documentation paths are (in a constants.js file) and it's all kept in the frontend.

The doc paths were also updated with more appropriate docs. At one point we only had the Security & Compliance -> Security dashboard page, so all the docs pointed to the security dashboard doc. We've since split it out into a Vulnerability report page, but never updated the docs to go to the vulnerability report doc.

Doc links

We use the following docs for the security dashboard/vulnerability report:

Doc name Description Link
APPLICATION_SECURITY High level intro to application security https://docs.gitlab.com/ee/user/application_security/index
VULNERABILITY_DETAILS Explains how to use the vulnerability details page when clicking on an item on the Security & Compliance -> Vulnerability report page https://docs.gitlab.com/ee/user/application_security/vulnerabilities/index
VULNERABILITY_REPORT Explains how to use the Security & Compliance -> Vulnerability report page https://docs.gitlab.com/ee/user/application_security/vulnerability_report/index
SECURITY_DASHBOARD Explains how to use the Security & Compliance -> Security dashboard page https://docs.gitlab.com/ee/user/application_security/security_dashboard/index
SECURITY_CONFIGURATION Explains how to configure security scanners so that the security dashboard, vulnerability report, and pipeline findings can be used https://docs.gitlab.com/ee/user/application_security/configuration/index
POLICIES Explains how to set up policies for the agent vulnerability report https://docs.gitlab.com/ee/user/application_security/policies/index
SECURITY_SCANNER_INTEGRATION.REPORT Explains the JSON schema that the scanner reports should be in https://docs.gitlab.com/ee/development/integrations/secure#report
SECURITY_SCANNER_INTEGRATION.RETENTION_PERIOD Explains how long the scanner reports are stored for https://docs.gitlab.com/ee/development/integrations/secure#retention-period-for-vulnerabilities

Related to #357794 (closed) and #357458 (closed)

Edited by Daniel Tian

Merge request reports

Loading