Add DAST reports at pipeline level
Problem to solve
We don't have a way to show the full security report for DAST at pipeline level. This makes hard to access this information to users.
Further details
We already have SAST and Dependency Scanning reports available at pipeline level. This one should follow the same pattern.
Proposal
Add the DAST report at pipeline level, like the other existing ones, in a collapsible section under the Security report tab.
Design
The designs and notes below are from #5105 (closed).
Note:
- DAST will be the last element in the "list"
- SAST
- Dependency Scanning
- Container Scanning
- DAST
- DAST will not report "by analyzing the review app" text
- In CI View we will limit the height of each report to a scrollable 500px
- Complete vulnerabilities report anchor will have existing functionality similar to SAST and expand report inline, changes to this functionality are deferred to https://gitlab.com/gitlab-org/gitlab-ee/issues/5322
Edited by Fabio Busatto