Expose secure scan data (JSON / artifacts) for core customers in an easy to find and download way
Problem to solve
As we move scans into core, what is the most efficient/useful way to tell the core user that the SAST job has completed and there is a result to view."
Intended users
Personas are described at https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/ -->
Further details
We never want to frustrate or force users to hunt things down, and having to hunt around for the scan results could leave them frustrated.
Proposal
Have an area where any user of any level can see a list of scan results and have it rendered.
Assumption, feel free to ignore - I was thinking like a list and you click and then it comes up like https://jsonlint.com/
Permissions and Security
must have ability to see code (reporter+)
Documentation
yes update user docs
Testing
- create a test for list of artifacts to render - for each permission level
- create a test for an individual artifact to render - for each permission level
What does success look like, and how can we measure that?
Core users can find and see scan results within UI
What is the type of buyer?
Core
Links / references
Edited by Camellia X Yang