Have an endpoint for projects with security reports enabled
Problem to solve
Currently, the group security dashboard has a project filter that lists all the projects in a group.
Proposal
We should have an endpoint that allows us to see only the projects in a group that actually have security reports enabled/configured. This endpoint will then need hooking up to the dashboard store.
To take into account:
-
Include the entire sub-groups tree, recursively -
Projects' visibility and access permissions - [-] Exclude forks (addressed in #11560 (closed))
- [-] Exclude projects shared from other groups (addressed in #11560 (closed))
Further details
This functionality would more trivial and performant to implement if we would have first-class reports implemented
The following discussion from !8944 (merged) should be addressed:
-
@ayufan started a discussion: (+2 comments) btw. I guess that we use that for fetching a list of projects to show for the sake of filtering:
- we do something similar on issues and todos, is that re-usable?
- this fetches all projects, it is uber annoying that we do not show the ones matching.
I did not check if the 2. is correct, but my gut feeling says that we do not show projects having vulns, but rather all of them.