Check feature category assignments for the Static Analysis group
Proposal
We should audit our codebase to ensure the Sidekiq workers, controller actions, and API endpoints are assigned to the right feature category in the Sec section.
This will make them show up on the group's Grafana dashboard, and the apdex and error rates of these actions will then also contribute to the error budget (gitlab-com/gl-infra&437 (closed)) for the group.
Current categorizations
As of May 18, 2021, these are the current feature categories assigned to SAST:
./app/workers/concerns/security_scans_queue.rb: feature_category :static_application_security_testing
./app/controllers/projects/security/configuration_controller.rb: feature_category :static_application_security_testing
./ee/app/controllers/ee/projects/security/configuration_controller.rb: feature_category :static_application_security_testing
./ee/app/controllers/ee/projects/merge_requests_controller.rb: feature_category :static_application_security_testing, [:sast_reports]
./ee/app/controllers/projects/security/dashboard_controller.rb: feature_category :static_application_security_testing
./ee/app/controllers/projects/security/sast_configuration_controller.rb: feature_category :static_application_security_testing
And for Secret Detection:
ee/app/controllers/ee/projects/merge_requests_controller.rb: feature_category :secret_detection, [:secret_detection_reports]
Current feature categories (SAST) assigned to Sidekiq jobs:
ee/app/workers/sync_security_reports_to_report_approval_rules_worker.rb: include SecurityScansQueue
ee/app/workers/store_security_scans_worker.rb: include SecurityScansQueue
ee/app/workers/security/store_scans_worker.rb: include SecurityScansQueue
ee/app/workers/scan_security_report_secrets_worker.rb: include SecurityScansQueue
ee/app/workers/store_security_reports_worker.rb: include SecurityScansQueue
Edited by rossfuhrman
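One way to run the audit proposed above, as an added example rather than code from the issue or from GitLab: a Ruby scan that indexes `feature_category` declarations and resolves workers that get their category only through `include SecurityScansQueue`. The file bodies in `SAMPLE` are constructed, and `example_unassigned_worker.rb` is a hypothetical file used to show the uncategorized case.

```ruby
# Added example (not GitLab code): index feature_category assignments and
# follow concerns, so workers that only `include SecurityScansQueue` are counted.
DECLARATION = /^\s*feature_category\s+:(\w+)(?:\s*,\s*\[([^\]]*)\])?/
MODULE_DEF  = /^\s*module\s+(\w+)\s*$/
INCLUDE     = /^\s*include\s+([\w:]+)/

# sources: { path => Ruby source }. Returns { category => [[path, detail], ...] }.
def feature_category_index(sources)
  index = Hash.new { |h, k| h[k] = [] }
  concerns = {} # concern module name => category declared inside it
  sources.each do |path, src|
    # A declaration inside a concern applies to every class including it.
    mod = path.include?("/concerns/") ? src[MODULE_DEF, 1] : nil
    src.scan(DECLARATION) do |category, actions|
      detail = actions ? "actions: #{actions.strip}" : "whole class"
      index[category.to_sym] << [path, detail]
      concerns[mod] = category.to_sym if mod
    end
  end
  sources.each do |path, src|
    src.scan(INCLUDE).flatten.each do |name|
      category = concerns[name.split("::").last]
      index[category] << [path, "via #{name}"] if category
    end
  end
  index
end

# Files that carry no category, directly or through a concern.
def uncategorized(sources, index)
  assigned = index.values.flatten(1).map(&:first)
  sources.keys.reject { |path| assigned.include?(path) }
end

# Constructed sample: paths and declarations follow the lists in the issue,
# file bodies are simplified; the last file is hypothetical.
SAMPLE = {
  "app/workers/concerns/security_scans_queue.rb" =>
    "module SecurityScansQueue\n  feature_category :static_application_security_testing\nend\n",
  "ee/app/workers/store_security_scans_worker.rb" =>
    "class StoreSecurityScansWorker\n  include SecurityScansQueue\nend\n",
  "ee/app/controllers/ee/projects/merge_requests_controller.rb" =>
    "feature_category :static_application_security_testing, [:sast_reports]\n" \
    "feature_category :secret_detection, [:secret_detection_reports]\n",
  "ee/app/workers/example_unassigned_worker.rb" =>
    "class ExampleUnassignedWorker\nend\n"
}.freeze

puts "uncategorized: #{uncategorized(SAMPLE, feature_category_index(SAMPLE)).join(', ')}"
```

To audit a real checkout, build `sources` from disk, for example `Dir.glob("{app,ee/app}/{workers,controllers}/**/*.rb").to_h { |p| [p, File.read(p)] }`.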