Value Streams Dashboard: Add Vulnerabilities metrics to the "Metrics comparison panel"
Overview
Problem to solve
GitLab Analytics provide high value to executives. However, these reports are spread across multiple pages in GitLab and may require specific filters to be applied to be relevant. Executives' time is very valuable, and they might not know how to use GitLab to get insights that are relevant to their business. The Exec need centralized UI where they can see and compare all of the SDLC lifecycle metrics.
workflowproblem validation feedback:
- #370887 (comment 1122463787)
- https://gitlab.com/gitlab-org/gitlab/-/issues/353651#note_1049424781
- https://gitlab.com/gitlab-org/gitlab/-/issues/353651#note_1117963858
- https://gitlab.com/gitlab-org/gitlab/-/issues/353651#note_1028624822
JTBD & Personas:
Main JTBD Optimize: "When I am optimizing my value stream, I want to identify opportunities for improvement, or detect risks in the delivery of value to customers."
Erin (Application Development Executive)
Proposal
Add security vulnerabilities metrics to the comparison widget.
- Critical Vulnerabilities: monthly number of Critical Vulnerabilities.
- High Vulnerabilities: monthly number of High Vulnerabilities.
- Add tooltips and drill-down links to the metrics names (description below).
- permissions / user tole - ** Developer and above**. All metrics are visible to anyone who has access to this page.
- GitLab Ultimate only.
- Data queries via GraphQL Query.vulnerabilities.
- Out of scope for this issue - Medium and Low Vulnerabilities.
- Out of scope for this issue - Project security status.
-
Out of scope for this issue - Trend color - green for decrease.- an increase in vulnerabilities is negative so the gradient should turn from blue to green (from top to bottom)
Tooltips description:
| # | Metric name | Description | Drill down for deeper insights | Go to Docs |
|---|---|---|---|---|
| 1 | Critical Vulnerabilities | Total Critical project vulnerabilities | https://gitlab.com/gitlab-org/gitaly/-/security/vulnerability_report/?severity=CRITICAL | https://docs.gitlab.com/ee/user/application_security/vulnerabilities/severities.html |
| 2 | High Vulnerabilities | Total High project vulnerabilities | https://gitlab.com/gitlab-org/gitaly/-/security/vulnerability_report/?severity=HIGH | https://docs.gitlab.com/ee/user/application_security/vulnerabilities/severities.html |
Edited by Alana Bellucci