Allow for scanning jobs that return multiple scans
Problem to solve
User experience goal
We need to ask ourselves whether there is real value in supporting multiple scanners, and how we want to report that information to the end user, as this will impact the displays of Finding and Vulnerability throughout the application.
- List the known cases where there is a need for more than one
- Investigate what would be the impact of adding an array of scanner objects instead of just one, for the whole architecture
- Propose an update of the JSON schemas
Proposal B: Extend the CI runner so that a single job can upload multiple reports of the same kind (like multiple SAST reports), make sure the Rails backend can handle this, and leverage this new capability wherever this makes sense.
Permissions and Security
Availability & Testing
What does success look like, and how can we measure that?
What is the type of buyer?
Is this a cross-stage feature?
- @gonzoyumo @NicoleSchwartz
- @sethgitlab @derekferguson
- @twoodham @tmccaslin
- @thiagocsf @matt_wilson
- @sethgitlab @stkerr