Make report-type artifacts (e.g. junit.xml, code-climate.json, etc) available for download without double storage cost (#23847) · Issues · GitLab.org / GitLab

Make report-type artifacts (e.g. junit.xml, code-climate.json, etc) available for download without double storage cost

Problem to solve

Currently, users can download archive-type artifacts through GitLab UI.

In terms of Extend artifacts definition to provide reports: context, we should expand GitLab UI to let users to download report-type artifacts, too without having to incur double storage costs.

Intended users

Further details

Use Cases

When a container scanning json item is created in a job, Sam wants it to be available for download from the job AND available for static scanning.

Proposal

Update the artifacts: path: keyword such that the container scanning report is available for download AND to the rails backend for viewing in the pipeline view.

We would need gitlab-ce~2024184 engineer's help, because we have someplace to download artifacts belong to a job.

e.g.

Permissions and Security

Documentation

Testing

What does success look like, and how can we measure that?

Sam can still download a container scanning report AND have it accessible within the job view without double storage of the report.
Documentation is clear on how to setup the artifacts: keyword to make this happen

What is the type of buyer?

The likely buyer here is one already using container scanning available for Ultimate/Gold customers.

Links / references

Release post

### Problem to solve

Currently, users can download archive-type artifacts through GitLab UI.

In terms of [Extend artifacts definition to provide `reports:` context](https://gitlab.com/gitlab-org/gitlab-ce/issues/46809), we should expand GitLab UI to let users to download report-type artifacts, too without having to incur [double storage costs](https://gitlab.com/gitlab-org/gitlab/issues/36134#note_243563056).

### Intended users

* [Sasha (Software Developer)](https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/#sasha-software-developer)
* [Sam (Security Analyst)](https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/#sam-security-analyst)

### Further details

#### Use Cases

* When a container scanning json item is created in a job, Sam wants it to be available for download from the job AND available for [static scanning](https://docs.gitlab.com/ee/user/application_security/container_scanning/).

### Proposal

Update the `artifacts: path:` keyword such that the container scanning report is available for download AND to the rails backend for viewing in the pipeline view.

We would need gitlab-ce~2024184 engineer's help, because we have someplace to download artifacts belong to a job.

e.g.

![Screenshot_from_2018-08-25_12-06-06](/uploads/0ff374fa78d8e2159c69ed993237e6d6/Screenshot_from_2018-08-25_12-06-06.png)

### Permissions and Security

### Documentation

### Testing

### What does success look like, and how can we measure that?

* Sam can still download a container scanning report AND have it accessible within the job view without double storage of the report.
* Documentation is clear on how to setup the `artifacts:` keyword to make this happen

### What is the type of buyer?