Backend - Security and compliance page - add corpus management row/link
This issue captures the backend needed to support #280593 (closed). We need to add a card
for corpus management.
Screenshots
Note from Frontend:
-
Configuration is parsed via JSON that is passed in as a HTML data attribute. It is parsed here
-
JSON is provided in show.html.haml as a html data attribute.
-
The configuration variable is defined in the controller here. It seems to use the
::Projects::Security::ConfigurationPresenter
-
We
features
field seems to already cover:coverage_fuzzing
. Seen here -
The
::Security::SecurityJobsFinder.allowed_job_types
are used here -
It seems like we don't need to add
:corpus_management
to the whitelist here. Corpus management is part of:coverage_fuzzing
as a management screen. (managing corpuses, not configuring the coverage fuzzing job) for the existing coverage fuzzing scanner. -
Not sure, but I don't think we need to add a configuration path here since corpus management doesn't have any job configuration options.
Backend Implementation Plan:
TO BE FILLED OUT BY BACKEND
Sample JSON response:
[
{
"type": "sast",
"configured": true,
"configuration_path": "/farias-gl/debug-cov-fuzz-project/-/security/configuration/sast",
"available": true
},
{
"type": "dast",
"configured": false,
"configuration_path": "/farias-gl/debug-cov-fuzz-project/-/security/configuration/dast",
"available": true
},
{
"type": "dependency_scanning",
"configured": false,
"configuration_path": null,
"available": true
},
{
"type": "container_scanning",
"configured": false,
"configuration_path": null,
"available": true
},
{
"type": "secret_detection",
"configured": false,
"configuration_path": null,
"available": true
},
{
"type": "coverage_fuzzing",
"configured": true,
"configuration_path": null,
"available": true
},
{
"type": "api_fuzzing",
"configured": false,
"configuration_path": "/farias-gl/debug-cov-fuzz-project/-/security/configuration/api_fuzzing",
"available": true
},
{
"type": "cluster_image_scanning",
"configured": false,
"configuration_path": null,
"available": true
},
{
"type": "license_scanning",
"configured": false,
"configuration_path": null,
"available": true
},
{
"type": "dast_profiles",
"configured": true,
"configuration_path": "/farias-gl/debug-cov-fuzz-project/-/security/configuration/dast_scans",
"available": false
}
]
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.