Sign in or sign up before continuing. Don't have an account yet? Register now to get started.

Add `Cluster` filter to the group/security center `Operational vulnerabilities` vulnerability report

Why are we doing this work

users want to see operational vulnerabilities and filter by the cluster they come from at the group/security center level

Relevant links

Design Issue

Non-functional requirements

Documentation
Testing:

Implementation plan

frontend extend the cluster_filter
- group-level
  - update the Group.clusterAgents(hasVulnerabilities: Boolean) vulnerability request to filter by clusterAgentId: [ClustersAgentID!]
  - modify Group.vulnerabilitySeveritiesCount to be used with clusterAgentId
- security center
  - update the InstanceSecurityDashboard.clusterAgents(hasVulnerabilities: Boolean) vulnerability request to filter by clusterAgentId: [ClustersAgentID!]
  - modify InstanceSecurityDashboard.vulnerabilitySeveritiesCount to be used with clusterAgentId
backend
- group
  - modify Group.vulnerabilitySeveritiesCount to be used with clusterAgentId
- security center
  - modify InstanceSecurityDashboard.vulnerabilitySeveritiesCount to be used with clusterAgentId

Verification steps

Ensure your GDK has a GitLab Ultimate license
Ensure your GDK is connected to the GitLab Runner
Follow these docs to set up the kubernetes agent
Clone test-cis-with-agentid and run the pipeline
Link the agent to a project
Run the pipeline to generate vulnerabilities
Navigate to the agent/group/security center vulnerability report
View the vulnerabilities

Edited Aug 11, 2022 by Alexander Turinske

Assignee Loading

Time tracking Loading