Improve documentation around SAST failures in pipeline

Improve doc around SAST failures Make error code link available Refactor code

Improve documentation around SAST failures in pipeline
Improve doc around SAST failures Make error code link available Refactor code
8a3f6502 · saikat sarkar · Russell Dickenson · 191b9600 · 8a3f6502 · 8a3f6502
Commit 8a3f6502 authored Apr 26, 2020 by saikat sarkar Committed by Russell Dickenson Apr 26, 2020
3 changed files
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -51,6 +51,9 @@ However, DAST can be [configured](#full-scan)
 to also perform a so-called "active scan". That is, attack your application and produce a more extensive security report.
 It can be very useful combined with [Review Apps](../../../ci/review_apps/index.md).

+NOTE: **Note:**
+A pipeline may consist of multiple jobs, including SAST and DAST scanning. If any job fails to finish for any reason, the security dashboard will not show DAST scanner output. For example, if the DAST job finishes but the SAST job fails, the security dashboard will not show DAST results. The analyzer will output an [exit code](../../../development/integrations/secure.md#exit-code) on failure.
+
 ## Use cases

 It helps you automatically find security vulnerabilities in your running web

--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -36,6 +36,9 @@ The results are sorted by the priority of the vulnerability:
 1. Unknown
 1. Everything else

+NOTE: **Note:**
+A pipeline consists of multiple jobs, including SAST and DAST scanning. If any job fails to finish for any reason, the security dashboard will not show SAST scanner output. For example, if the SAST job finishes but the DAST job fails, the security dashboard will not show SAST results. The analyzer will output an [exit code](../../../development/integrations/secure.md#exit-code) on failure.
+
 ## Use cases

 - Your code has a potentially dangerous attribute in a class, or unsafe code

--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -44,6 +44,9 @@ Visit the page for any pipeline which has run any of the [supported reports](#su

 ![Pipeline Security Dashboard](img/pipeline_security_dashboard_v12_6.png)

+NOTE: **Note:**
+A pipeline consists of multiple jobs, including SAST and DAST scanning. If any job fails to finish for any reason, the security dashboard will not show SAST scanner output. For example, if the SAST job finishes but the DAST job fails, the security dashboard will not show SAST results. The analyzer will output an [exit code](../../../development/integrations/secure.md#exit-code) on failure.
+
 ## Project Security Dashboard

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6165) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.1.