Skip to content

DAST "Manage scans" not showing in Security Configuration

Summary

Since !72631 (merged), the Manage scans button has disappeared from the Security Configuration page.

The logic around what card can be shown likely has been consolidated while moving the configuration presented to FOSS, but it might not account for the fact that DAST profiles management isn't a regular scanner but a standalone configuration page.

Additionally, it looks like the Manage corpus button in Corpus management now always shows up but is hidden if the above MR is reverted.

Steps to reproduce

On GitLab.com, visit any project's Security Configuration page.

Example Project

Any project.

What is the current bug behavior?

  • The Manage scans button does not show up.
  • The Manage corpus buttons shows up.

What is the expected correct behavior?

  • The Manage scans button shows up.
  • The Manage corpus buttons does not show up?

Relevant logs and/or screenshots

DAST profiles

Before !72631 (merged) After !72631 (merged)
Screen_Shot_2021-11-15_at_5.36.15_PM Screen_Shot_2021-11-15_at_5.38.05_PM

Corpus management

Before !72631 (merged) After !72631 (merged)
Screen_Shot_2021-11-15_at_5.37.15_PM Screen_Shot_2021-11-15_at_5.38.15_PM

Possible fixes

An obvious fix might be to always expose the configuration path, but this might not be the proper way.

diff --git a/ee/lib/ee/gitlab/security/scan_configuration.rb b/ee/lib/ee/gitlab/security/scan_configuration.rb
index d29e61050f4..cdfa6bd1b7c 100644
--- a/ee/lib/ee/gitlab/security/scan_configuration.rb
+++ b/ee/lib/ee/gitlab/security/scan_configuration.rb
@@ -13,7 +13,7 @@ def configured?
         end
 
         def configuration_path
-          configurable_scans[type] if available? || type == :corpus_management
+          configurable_scans[type] if available? || type == :corpus_management || type == :dast_profiles
         end
 
         private

/cc @mfangman @brytannia