Skip to content

Add vulnerabilities to instance security dashboard

Problem to solve

Vulnerabities need to be displayed on the instance security dashboard. This is the final step towards implementing the dashboard.

Proposal

In order to reuse existing shared vulnerability logic such as the Vulnerable model concern and the VulnerabilityActions controller concern, create an ApplicationInstance model (without tying it to ActiveRecord) that has all the necessary features of a "vulnerable". More details can be found in this (slightly outdated) comment.

New vulnerability related routes and a controller will need to be added for this dashboard.

Permissions and Security

No one should be able to access the vulnerability endpoints who cannot access the instance security dashboard or any of the projects for which vulnerabilities are being requested.

What is the type of buyer?

GitLab Ultimate

Links / references

This is a child issue of #6953 (closed).