Explore how we might guide users through the entire configuration workflow for a security tool
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Recommendation from Secure - Audit of scanner configuration UI
Problem to Solve
Currently, to enable or update the configuration of a security tool users are required to create a merge request or code change. This portion of the configuration process directs users away from the Security & Compliance area and provides them with little guidance or help to complete the workflow. In addition, the end of the configuration workflow (merging code to enable the feature) doesn't do a great job assuring users that the scanner is properly enabled or showing users where they can find scan results. The change in system status is not easily discovered.
Related issues
- Consider bypassing the MR for setting up Secure features
- Detect when a Secure feature is being enabled and add more guidance on the MR page
- Guide the user towards the corresponding vulnerability reports after a Secure feature is enabled
Proposal
To be determined...