Generate kics documentation url as the identifier
What does this MR do?
Goal
Override Kics url (that leads to the vulnerabilities platform documentation ) with Kics docs query url .
Plan
Kics docs query url is auto generated by the files directory of Kic's project .
it generated using the following components:
base url + platform + (not mandatory field technology) + rule id
When we build the analyzer, create a json file that represent the file directory we already have in the analyzer's files ,
example:
[
{
"id": "59312e8a-a64e-41e7-a252-618533dd1ea8",
"platform": "Terraform",
"cloudProvider": "common"
},
]At second step , added code that will take the rule id from the vulnerability identifier , match it with the json object , and extract the fields, than we build the url , overriding the existing one .
in case there is no data for specific rule id , we will use the default behavior of kics , return the url that lead to the vulnerability's platform documentation.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests updated/added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer