Skip to content

Adherence checks for SAST and DAST security scanners show wrong fix

Nate Rosandichrequested to merge
506655-adherence-checks-for-sast-and-dast-security-scanners-show-wrong-fix into master

What does this MR do and why?

Recently we introduced adherence checks for SAST and DAST security scanners.

But when clicking the more information link for a SAST scan standard adherence failure opens a pop over with an incorrect fix recommended Merge request approval rules Update approval settings in the project's merge request settings to satisfy this requirement.

Example project https://gitlab.com/compliance-group-testing-and-demos/team-testing-subgroup/nrosandich/adherence-scanners-checks/-/security/compliance_dashboard/standards_adherence

This MR makes the content in the fix part of the sidebar dynamic based on the adherence check.

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

  1. This will require a group with an ultimate license
  2. Create a new project and configure SAST and DAST scanners
  3. Run a pipeline to create SAST and DAST scanner artifacts
  4. Navigate to the compliance center adherence report
  5. Click on View details (fix available) for a row with failing SAST and DAST and review the fixes sidebar content

Related to #506655 (closed)

Edited by Nate Rosandich

Merge request reports