Show security reports summary in pipelines' Security Dashboard
- Related issue: #222374 (closed)
What does this MR do?
This removes the vulnerability and scanned resources counts from the Pipeline Security Dashboard's filters in favor of a dedicated SecurityReportsSummary that takes care of displaying the information for each report type above the dashboard.
Note: when a given scanner detected
0vulnerabilities, we want to show that information. However, scanners that aren't configured currently report0vulnerabilities, which results in slightly misleading information in the summary as we can't tell non-configured scanners from the ones that didn't detect any vulnerabilities. This will be addressed in a follow-up backend issue: #223073 (closed)
How to test this?
- Enable the feature flag:
echo "Feature.enable(:pipelines_security_report_summary)" | spring rails c- Sign-in as the
rootuser - Visit a pipeline that has some security scanners setup an navigate to the Security tab
Screenshots
| Summary expanded | Summary collapsed |
|---|---|
 |
 |
Recording
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry (not required as this is behind a feature flag)
- [-] Documentation (if required) (not required as this is behind a feature flag)
-
Code review guidelines - [-] Merge request performance guidelines
-
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Paul Gascou-Vaillancourt