Show the dismissal reason in finding modal
What does this MR do and why?
Relates to #412834 (closed)
If the finding contains a dismissal reason, it will be rendered in the finding modal.
Note: This change is only made on the new standalone finding modal: VulnerabilityFindingModal, which isn't enabled by default yet (guarded behind a feature flag).
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Prerequisites
- You'll need an EE license
- You'll need to have runners enabled (See $2408961 for setting up a runner)
- Import https://gitlab.com/gitlab-examples/security/security-reports
- Run a pipeline on master
- enable feature flag:
echo "Feature.enable(:standalone_finding_modal)" | bundle exec rails c
Validate
- Go the vulnerability report of security-reports project
- Dismiss (with reason) a vulnerability which you can easily identify later
- Go to the pipeline you ran before on master
- Go to the security tab
- Click the "Hide dismissed" toggle
- Click on the info icon of the vulnerability you dismissed earlier
- Validate that there is a note mentioning
"Dismissed: <reason>"
You can do similar checks with vulnerabilities that have a linked project and/or pipeline to validate that the event message contains the status, dismissal reason, project name and/or pipeline id.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.