Show pipeline link on Dependency List - backend
Summary
The Dependency List page has a mention:
Based on the latest successful scan • 3 hours ago
at the top of the page, linking to a GitLab-CI job, instead of the whole pipeline.
Steps to reproduce
- Go to https://gitlab.com/gitlab-org/customers-gitlab-com/-/dependencies
- Follow the link "latest successful scan"
Example Project
https://gitlab.com/gitlab-org/customers-gitlab-com/-/dependencies
https://gitlab.com/gitlab-org/secure/security-reports/-/licenses
What is the current bug behavior?
- Links to https://gitlab.com/gitlab-org/customers-gitlab-com/-/jobs/881114924, which is a
retire-js-dependency_scanning
job, and obviously not the only one building the Dependency List.
What is the expected correct behavior?
Relevant logs and/or screenshots
Nope
Output of checks
This bug happens on GitLab.com
Possible fixes
Use the same section as the Vulnerability Report:
Implementation plan
- Add to
ReportListEntity
pipeline_path
field and expose pipeline path the same way asjob_path
. - Add tests to
ee/spec/support/shared_examples/serializers/report_status_shared_examples.rb
/cc @NicoleSchwartz @gonzoyumo for prioritization
Edited by -