Skip to content
GitLab Next
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • GitLab GitLab
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 44,101
    • Issues 44,101
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1,352
    • Merge requests 1,352
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.orgGitLab.org
  • GitLabGitLab
  • Issues
  • #222767
Closed
Open
Created Jun 16, 2020 by Derek Ferguson@derekfergusonDeveloper

DAST Scanner Profiles implementation - Form MVC [parent issue]

Problem to solve

As a user, I want to be able to create a "Scanner profile" to use in my on-demand DAST scans, so that I can create multiple ways of scanning my sites within a single project.

Intended users

  • Sasha (Software Developer)
  • Sam (Security Analyst)

User experience goal

The user should be able to create a Scanner profile from either the Profile Library or the On-demand scan initiation page and specify the profile name, the Spider timeout, and the Target timeout.

Proposal

Review the design: #217016 (closed)

The user should be able to create a Scanner profile that contains:

  • Profile Name
  • Spider timeout
  • Target timeout

This profile should then be selectable in the On-demand scan page for the project. The ability to create a profile should be linked from both the Profile Library page and the On-demand scan page, so that the user doesn't have to use the left navigation to create a profile if they are already at either page.

Further details

Maintainer, owner, and developer roles should have access to create new Scanner profiles.

Documentation

The DAST config docs should be updated to include creating new Scanner profiles.

Designs

new-scanner-profile-3

Issue breakdown

Iteration # Description Issue Department(s)
1 Create basic route config, controller action, HAML view and Vue app #235399 (closed) frontend
2 Create the basic form #235405 (closed) backend, frontend
3 Add ability to edit a scanner profile #235407 (closed) backend, frontend
4 Document scanner profiles #235416 (closed) documentation
Edited Sep 10, 2020 by Neil McCorrison
Assignee
Assign to
Time tracking