Add vulnerabilities to instance security dashboard
Problem to solve
Vulnerabities need to be displayed on the instance security dashboard. This is the final step towards implementing the dashboard.
Proposal
In order to reuse existing shared vulnerability logic such as the Vulnerable
model concern and the VulnerabilityActions
controller concern, create an ApplicationInstance
model (without tying it to ActiveRecord) that has all the necessary features of a "vulnerable". More details can be found in this (slightly outdated) comment.
New vulnerability related routes and a controller will need to be added for this dashboard.
Permissions and Security
No one should be able to access the vulnerability endpoints who cannot access the instance security dashboard or any of the projects for which vulnerabilities are being requested.
What is the type of buyer?
Links / references
This is a child issue of #6953 (closed).