Notify the user when the security chart is not yet ready
Proposal
When the vulnerabilities are generated after the first pipeline run in a project, the security dashboard displays no data in the chart. However, when the user checks the vulnerability report, they'll see that the report contains a list of vulnerabilities (if there are any found). This is confusing because the dashboard and report display two different data. In order to remove this confusion, we can display a message to the user which states that the data is still in the process of being generated and that they should check back tomorrow when the security dashboard data is still being processed.
Technically speaking, the reason of the difference is because of how the chart data is generated. It's a cron job that runs over a period and by the time the first pipeline is complete, the cron is probably not run yet.
In order to reproduce this:
- Fork https://gitlab.com/gitlab-examples/security/security-reports/
- Run the pipeline and wait that it's complete (it should fail btw, it's intentional).
- Go to Your Project > Security & Compliance > Security Dashboard
- You should see an empty chart (expected to see a message here, which states a message that tells data is still in the process of being generated).
- Now go to Your Project > Security & Compliance > Vulnerability Report
- You should see a list of vulnerabilities (this is the confusing part because the security dashboard shows no data).
This is how it looks like if you follow the steps above.
Security Dashboard | Vulnerability Report |
---|---|
-->