Add custom scanners to vulnerability list scanner filter [RUN ALL RSPEC] [RUN AS-IF-FOSS]
What does this MR do?
On the vulnerability report page, there are dropdowns that let the user filter the vulnerability results. One of the filters is for scanners.
Previously, this dropdown showed a flat list of scanner report types (a.k.a. scanner categories) and filtered the results from all scanners in that category. However, users are now able to add their own custom scanners in addition to the default GitLab ones. We need more granular filtering so that users can see results from the built-in GitLab scanners, their own custom scanners, or any other combination. Thus, this MR changes the scanner filter from a flat list to one that shows a Vendor -> Category grouping:
Before | After |
---|---|
![]() | ![]() |
A user-level feature flag has also been added so that we can test this feature on staging/live with internal users to verify that the implementation is correct before rolling it out for all users. This is the second go-around for this MR; the first one got reverted due to an incorrect implementation.
Does this MR meet the acceptance criteria?
Conformity
- Changelog entry
- Documentation (if required)
- Code review guidelines
- Merge request performance guidelines
- Style guides
- [-] Database guides
- Separation of EE specific content

Availability and Testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- Tested in all supported browsers
- Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Related issue #229661 (closed)