Add security training promo to security dashboard

What does this MR do and why?

It adds a promotion banner for the upcoming security training feature to the security dashboard:

Note: This is currently behind the secure_vulnerability_training feature flag and additional view-logic, like dismissal, etc. are tracked in separate issues and will be added in later MRs

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

1. Enable the feature flag

echo "Feature.enable(:secure_vulnerability_training)" | rails c

2. Navigate to a project's security dashboard ("Security & Compliance" -> "Security Dashboard")

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

Related to #350440 (closed)

changed milestone to %14.8

added auto updated devopssecure frontend groupthreat insights sectionsec typefeature workflowin dev labels

assigned to @dpisek

added backend label

	1 Message
	CHANGELOG missing: If you want to create a changelog entry for GitLab FOSS, add the Changelog trailer to the commit message you want to add to the changelog. If you want to create a changelog entry for GitLab EE, also add the EE: true trailer to your commit message. If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Pedro Pombeiro (@pedropombeiro) (UTC+1, 10 hours behind @dpisek)	Mayra Cabrera (@mayra-cabrera) (UTC-6, 17 hours behind @dpisek)
frontend	Florie Guibert (@fguibert) (UTC+10, 1 hour behind @dpisek)	Andrew Fontaine (@afontaine) (UTC-5, 16 hours behind @dpisek)

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

added 1 commit

• 4a48712c - Add security training promo to security dashboard

Compare with previous version

added 1 commit

• a8d4886e - Add security training promo to security dashboard

Compare with previous version

Allure report

allure-report-publisher generated test report for 2260e639!

review-qa-smoke: test report
review-qa-reliable: test report

added 1 commit

• 0075ad39 - Add security training promo to security dashboard

Compare with previous version

added 1 commit

• 0953f1c0 - Add security training promo to security dashboard

Compare with previous version

added 1 commit

• f51e95a6 - Add security training promo to security dashboard

Compare with previous version

changed the description

marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed

@sming-gitlab - Could you please do the initial frontend review? Please assign to danger's suggestion if you are at capacity!

marked this merge request as ready

added 1 commit

• 9f2dfcf8 - Add security training promo to security dashboard

Compare with previous version

@eugielimpin - Are you free to do the initial backend review? Just some small changes

requested review from @sming-gitlab

requested review from @eugielimpin

added workflowin review label and removed workflowin dev label

Bundle size analysis [beta]

This compares changes in bundle size for entry points between the commits ed96cd1c and 2260e639

Special assets

Entrypoint / Name	Size before	Size after	Diff	Diff in percent
average	3.66 MB	3.66 MB	-	-0.0 %
mainChunk	2.28 MB	2.28 MB	-	0.0 %

Significant Growth: 1

Expand

Entrypoint / Name	Size before	Size after	Diff	Diff in percent
pages.groups.sso	70.7 KB	74.35 KB	+3.65 KB	5.2 %

Significant Reduction: 3

Expand

Entrypoint / Name	Size before	Size after	Diff	Diff in percent
pages.registrations.groups_projects.new	29.33 KB	17.51 KB	-11.83 KB	-40.3 %
pages.admin.integrations.edit	133.49 KB	130.28 KB	-3.2 KB	-2.4 %
pages.groups.new	67.81 KB	65.93 KB	-1.88 KB	-2.8 %

---

Your MR has at least one entrypoint growing significantly (more > 1 KB or 2%). If you write new or extend existing features, this is expected and there is nothing to worry about.

Please consider pinging someone from the FE Foundations (@dmishunov, @justin_ho, @mikegreiling or @nmezzopera) for review, if you are unsure about the size increase.

Please look at the full report for more details

---

Read more about how this report works.

Generated by Danger

approved this merge request

@eugielimpin, thanks for approving this merge request.

This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.

For more info, please refer to the following links:

• rspec minimal jobs
• jest minimal jobs
• merging a merge request.

removed review request for @eugielimpin

requested review from @eugielimpin and removed review request for @sming-gitlab

approved this merge request

unapproved this merge request

added 154 commits

• 9f2dfcf8...8a746770 - 152 commits from branch master
• 5b389170 - Add security training promo to security dashboard
• 1aad3915 - Reviewer feedback: Fix failing specs

Compare with previous version

added 1 commit

• 2260e639 - Reviewer feedback: specs improvements

Compare with previous version

Thanks for the great review and suggestions @sming-gitlab !

@afontaine - Do you have capacity for the frontend maintainer review?

requested review from @afontaine

requested review from @mwoolf and removed review request for @eugielimpin

approved this merge request

removed review request for @mwoolf

resolved all threads

approved this merge request

thanks @dpisek! setting this to MWPS

enabled an automatic merge when the pipeline for cee7f2d1 succeeds

merged

mentioned in commit 483817ce

resolved all threads

mentioned in issue #350684

added workflowstaging-canary label and removed workflowin review label

added workflowstaging label and removed workflowstaging-canary label

added workflowcanary label and removed workflowstaging label

added workflowproduction label and removed workflowcanary label

added releasedcandidate label

added releasedpublished label and removed releasedcandidate label

mentioned in merge request !81934 (merged)