Add image token to enhanced vulnerability report filtering
What does this MR do and why?
Related #433368 (closed)
This MR adds the image token which allows to filter by images when the vulnerability_report_advanced_filtering
feature flag is enabled.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
How to set up and validate locally
- Fork https://gitlab.com/lorenzvanherwaarden/security-reports-many-images -> this repo has a couple more vulnerability samples with images
- Create vulnerabilities by running a pipeline against the default branch
- Go the Secure > Vulnerability Report inside the project and select Operational vulnerabilities tab
- Make sure to enable the feature flag:
echo "Feature.enable(:vulnerability_report_advanced_filtering)" | rails c
- Interact with the Filtered Search (Image Token)
- We don't have actual operational vulnerabilities, so we validate by checking that the graphql query variables for the image_token.vue are the same when selecting images compared to when using the image_filter.vue. Namely:
image
variable is an array of the image names, and is an empty array when "All images" is selected.
Edited by Lorenz van Herwaarden