  • SAST Config UI - Analyzers

    Closed Epic created by Neil McCorrison

    Problem to Solve

    Provide UI to easily configure SAST analyzers

    Note: Button labels should be Expand and Collapse

    Collapsed analyzer section (Default)

    Expanded analyzer section (user clicked Expand button)

    Unchecked analyzer ("off" state)

    See Flawfinder example below where text input is disabled

    image

    Implementation Strategy

    frontend (this is perhaps best done after gitlab#227575 (closed); otherwise more would have to be ported to GQL later)

    • frontend-weight2 Create expandable container component (likely under ee/app/assets/javascripts/security_configuration/sast/components)
    • frontend-weight2 Create AnalyzersConfiguration component
      • Uses the expand/collapse component
      • Receives analyzers configuration from GQL query as a prop
      • Emits an input event with an updated deep copy of the analyzers prop, with changes applied
    • frontend-weight3 Consume AnalyzersConfiguration component in ConfigurationForm
      • Update ConfigurationForm to receive the analyzers configurations in addition to global + pipeline entities. Perhaps just the whole GQL response as-is? Perhaps rename entities prop to sastCiConfiguration, or configuration?
      • Emits a new copy of the above prop with changes included
      • Update form submission logic to the structure expected by the backend (TBD)

    backend

    • backend-weight3 Read SAST template file and .gitlab-ci.yml files to decide whether analyzer is enabled. This issue will address this work.
    • backend-weight3 Read SAST template file and .gitlab-ci.yml files to get information about different variables at analyzer level. This issue will address this work.
    • backend-weight3 Store the information about analyzers in .gitlab-ci.yml file issue

    TBC @ssarka @rossfuhrman

    Relevant links:

    Release notes

    Release post items have been generated: gitlab-com/www-gitlab-com!64767 (merged)

    0 of 6 checklist items completed · Edited by Taylor McCaslin
