Enable group level vulnerability report grouping
What does this MR do and why?
Enable group level vulnerability report grouping
Introduce the feature behind the :group_level_vulnerability_report_grouping
feature flag.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
![]() |
![]() |
How to set up and validate locally
- Enable
:group_level_vulnerability_report_grouping
feature flag
echo "Feature.enable(:group_level_vulnerability_report_grouping)" | rails c
- Create a group with vulnerabilities
- Fork https://gitlab.com/gitlab-examples/security/security-reports/ and add it under the created group
- Run a pipeline against the default branch to populate vulnerabilities
- Visit Group > Secure > Vulnerability Report
- Test the Group By feature
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #431633 (closed)
Merge request reports
Activity
changed milestone to %16.7
assigned to @svedova
- A deleted user
added backend feature flag frontend labels
- Resolved by Savas Vedova
1 Warning 8903adf7: The commit body should not contain more than 72 characters per line. For more information, take a look at our Commit message guidelines. 1 Message CHANGELOG missing: If this merge request needs a changelog entry, add the
Changelog
trailer to the commit message you want to add to the changelog.If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.
Reviewer roulette
Changes that require review have been detected!
Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:
Category Reviewer Maintainer backend @imand3r
(UTC-8, 9 hours behind author)
@rzwambag
(UTC+1, same timezone as author)
frontend @mcavoj
(UTC+1, same timezone as author)
@ekigbo
(UTC+11, 10 hours ahead of author)
Please check reviewer's status!
Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.
If needed, you can retry the
danger-review
job that generated this comment.Generated by
Danger- Resolved by Savas Vedova
@lorenzvanherwaarden would you like to review this one? It's a simple MR which actually does quite a lot
requested review from @lorenzvanherwaarden
- Resolved by David Pisek
- Resolved by David Pisek
- Resolved by David Pisek
mentioned in issue #431633 (closed)
@beckalippert can you please review this MR?
requested review from @beckalippert
Bundle size analysis [beta]
This compares changes in bundle size for entry points between the commits 1b70913d and a69b52bc
Special assetsEntrypoint / Name Size before Size after Diff Diff in percent average 4.1 MB 4.1 MB - 0.0 % mainChunk 3.04 MB 3.04 MB - 0.0 %
Note: We do not have exact data for 1b70913d. So we have used data from: 23f9137d.
The intended commit has no webpack pipeline, so we chose the last commit with one before it.Please look at the full report for more details
Read more about how this report works.
Generated by
Danger- Resolved by Lorenz van Herwaarden
- Resolved by Lorenz van Herwaarden
Allure report
allure-report-publisher
generated test report!e2e-test-on-gdk:
test report for a69b52bcexpand test summary
+-----------------------------------------------------------------------+ | suites summary | +------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +------------------+--------+--------+---------+-------+-------+--------+ | Data Stores | 23 | 0 | 0 | 0 | 23 | ✅ | | Verify | 31 | 0 | 0 | 0 | 31 | ✅ | | Create | 48 | 0 | 9 | 0 | 57 | ✅ | | Manage | 0 | 0 | 1 | 0 | 1 | ➖ | | Govern | 57 | 0 | 0 | 0 | 57 | ✅ | | Plan | 55 | 0 | 0 | 0 | 55 | ✅ | | Package | 0 | 0 | 1 | 0 | 1 | ➖ | | Monitor | 8 | 0 | 0 | 0 | 8 | ✅ | | Framework sanity | 0 | 0 | 1 | 0 | 1 | ➖ | +------------------+--------+--------+---------+-------+-------+--------+ | Total | 222 | 0 | 12 | 0 | 234 | ✅ | +------------------+--------+--------+---------+-------+-------+--------+
e2e-package-and-test:
test report for a69b52bcexpand test summary
+-------------------------------------------------------------+ | suites summary | +--------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +--------+--------+--------+---------+-------+-------+--------+ | Govern | 176 | 0 | 14 | 2 | 190 | ❗ | +--------+--------+--------+---------+-------+-------+--------+ | Total | 176 | 0 | 14 | 2 | 190 | ❗ | +--------+--------+--------+---------+-------+-------+--------+
e2e-review-qa:
test report for ce780034expand test summary
+-----------------------------------------------------------------------+ | suites summary | +------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +------------------+--------+--------+---------+-------+-------+--------+ | Govern | 47 | 4 | 2 | 0 | 53 | ❌ | | Monitor | 4 | 0 | 0 | 0 | 4 | ✅ | | Plan | 3 | 0 | 1 | 0 | 4 | ✅ | | Create | 6 | 2 | 2 | 2 | 10 | ❌ | | Data Stores | 2 | 0 | 0 | 0 | 2 | ✅ | | Package | 0 | 0 | 1 | 0 | 1 | ➖ | | ModelOps | 0 | 0 | 1 | 0 | 1 | ➖ | | Framework sanity | 0 | 0 | 1 | 0 | 1 | ➖ | +------------------+--------+--------+---------+-------+-------+--------+ | Total | 62 | 6 | 8 | 2 | 76 | ❌ | +------------------+--------+--------+---------+-------+-------+--------+
mentioned in issue #432842
- Resolved by David Pisek
@lorenzvanherwaarden
, thanks for approving this merge request.This is the first time the merge request has been approved. To ensure we don't only run predictive pipelines, and we don't break
master
, a new pipeline will be started shortly.Please wait for the pipeline to start before resolving this discussion and set auto-merge for the new pipeline. See merging a merge request for more details.
added pipeline:mr-approved label
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@6dab8c15
requested review from @ghavenga
- Resolved by David Pisek
@dpisek can you please maintainerize this one?
requested review from @dpisek
added 501 commits
-
afda5c72...a7fcdc34 - 498 commits from branch
master
- b9b0391d - Enable group level vulnerability report grouping
- 51190b93 - Apply 1 suggestion(s) to 1 file(s)
- 8cd2803b - Remove unnecessary test
Toggle commit list-
afda5c72...a7fcdc34 - 498 commits from branch
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@7b8dbf11
removed review request for @lorenzvanherwaarden
- Resolved by Savas Vedova
enabled an automatic merge when the pipeline for 0930f84d succeeds
mentioned in issue #433099 (closed)
added 172 commits
-
8cd2803b...4fa941ad - 169 commits from branch
master
- 77e87f70 - Enable group level vulnerability report grouping
- b764d554 - Apply 1 suggestion(s) to 1 file(s)
- ce780034 - Remove unnecessary test
Toggle commit list-
8cd2803b...4fa941ad - 169 commits from branch
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@8f74f3e7
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@1111945c
mentioned in issue #422510
enabled an automatic merge when the pipeline for 9ec2259e succeeds
added 255 commits
-
ce780034...504dd9f9 - 252 commits from branch
master
- 6068e7d1 - Enable group level vulnerability report grouping
- c25cd6f1 - Apply 1 suggestion(s) to 1 file(s)
- 4657797d - Remove unnecessary test
Toggle commit list-
ce780034...504dd9f9 - 252 commits from branch
enabled an automatic merge when the pipeline for eced25ec succeeds
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@680ddd69
mentioned in epic &10164
added 47 commits
-
4657797d...55557141 - 44 commits from branch
master
- 7242e37e - Enable group level vulnerability report grouping
- 5d08f02e - Apply 1 suggestion(s) to 1 file(s)
- 916c2099 - Remove unnecessary test
Toggle commit list-
4657797d...55557141 - 44 commits from branch
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@3eeb9015
enabled an automatic merge when the pipeline for de48a45e succeeds
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@de48a45e
- Resolved by David Pisek
Running another pipeline @svedova - if it fails, we might need to rebase
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@84067c93
added 328 commits
-
916c2099...1b70913d - 325 commits from branch
master
- 8903adf7 - Enable group level vulnerability report grouping
- ba708b4d - Apply 1 suggestion(s) to 1 file(s)
- a69b52bc - Remove unnecessary test
Toggle commit list-
916c2099...1b70913d - 325 commits from branch
mentioned in commit gitlab-org-sandbox/gitlab-jh-validation@8a1bc663
enabled an automatic merge when the pipeline for 8a1bc663 succeeds
mentioned in commit c7086021
added workflowstaging-canary label
@svedova This merge request was deployed to the workflowstaging-canary environment. You may want to enable the associated feature flag on this environment with/chatops run feature set group_level_vulnerability_report_grouping true --staging
.This message was generated automatically. You're welcome to improve it.
@svedova This merge request was deployed to the workflowcanary environment. You may want to enable the associated feature flag on this environment with/chatops run feature set group_level_vulnerability_report_grouping true --production
.This message was generated automatically. You're welcome to improve it.
@svedova This merge request was deployed to the workflowproduction environment. You may want to enable the associated feature flag on this environment with/chatops run feature set group_level_vulnerability_report_grouping true --production
.This message was generated automatically. You're welcome to improve it.
@svedova This merge request was deployed to the workflowstaging environment. You may want to enable the associated feature flag on this environment with/chatops run feature set group_level_vulnerability_report_grouping true --staging
.This message was generated automatically. You're welcome to improve it.
added workflowcanary label and removed workflowstaging-canary label
mentioned in issue gitlab-com/www-gitlab-com#34645 (closed)
added workflowproduction label and removed workflowcanary label
added workflowstaging label and removed workflowproduction label
added workflowpost-deploy-db-staging label and removed workflowstaging label
added workflowpost-deploy-db-production label and removed workflowpost-deploy-db-staging label
added releasedcandidate label
mentioned in issue gitlab-org/quality/triage-reports#16487 (closed)
mentioned in issue gitlab-org/quality/triage-reports#17018 (closed)
mentioned in merge request gitlab-com/www-gitlab-com!133792 (merged)
mentioned in issue gitlab-org/quality/triage-reports#17467 (closed)
mentioned in issue gitlab-org/quality/triage-reports#17925 (closed)
mentioned in issue gitlab-org/quality/triage-reports#18459 (closed)