Create image filter for project vulnerabilities
What does this MR do and why?
Create image filter for project vulnerabilities
- create new image filter
- only include it in project-level operational vulnerabilities report
- hide behind operation_vulnerability_filters feature flag
- reimplement truncate on a conditional basis as it was removed in Do not truncate vulnerability report filter dro... (!68453 - merged)
Changelog: added
EE: true
Screenshots or screen recordings
| w/out feature flag | w/ feature flag |
|---|---|
 |
 |
| image filter (should be truncated) | project filter (should not be truncated) |
|---|---|
 |
 |
URL is https://gitlab.aturinske:3443/mixed-vulnerabilities-01/security-reports-05/-/security/vulnerability_report/?image=registry.gitlab.com%2Fgitlab-org%2Fsecurity-products%2Fdast%2Fwebgoat-8.0%40sha256%3Abc09fe2e0721dfaeee79364115aeedf2174cce0947b9ae5fe7c33312ee019a4e&tab=OPERATIONAL
How to set up and validate locally
- Ensure your GDK has a GitLab Ultimate license
- Enable the
:operational_vulnerabilities_filtersfeature flag - Ensure your GDK is connected to the GitLab Runner
- Follow these docs to set up the kubernetes agent
- Clone test-cis-with-agentid and run the pipeline
- Link the agent to a project
- Run the pipeline to generate vulnerabilities
- Navigate to the agent/vulnerability report
- View the vulnerabilities
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #337883 (closed)
Edited by Alexander Turinske