Commit c742ee76 authored by Mark Florian's avatar Mark Florian Committed by Achilleas Pipinellis

Update Pipeline Security Dashboard documentation

Tracked in https://gitlab.com/gitlab-org/gitlab-ee/issues/13496.
parent 3a5fc82e
......@@ -357,9 +357,10 @@ The following documentation relates to the DevOps **Secure** stage:
| [Dependency List](user/application_security/dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. |
| [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. |
| [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. |
| [Group Security Dashboard](user/application_security/security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. |
| [Group Security Dashboard](user/application_security/security_dashboard/index.md#group-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. |
| [License Compliance](user/application_security/license_compliance/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. |
| [Project Security Dashboard](user/application_security/security_dashboard/index.md) **(ULTIMATE)** | View the latest security reports for your project. |
| [Pipeline Security Dashboard](user/application_security/security_dashboard/index.md#pipeline-security-dashboard) **(ULTIMATE)** | View the security reports for your project's pipelines. |
| [Project Security Dashboard](user/application_security/security_dashboard/index.md#project-security-dashboard) **(ULTIMATE)** | View the latest security reports for your project. |
| [Static Application Security Testing (SAST)](user/application_security/sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. |
## New to Git and GitLab?
......
......@@ -127,7 +127,7 @@ build:
## Security Dashboard
The Security Dashboard is a good place to get an overview of all the security
vulnerabilities in your groups and projects. Read more about the
vulnerabilities in your groups, projects and pipelines. Read more about the
[Security Dashboard](../security_dashboard/index.md).
## Interacting with the vulnerabilities
......
......@@ -198,7 +198,7 @@ variable value.
## Security Dashboard
The Security Dashboard is a good place to get an overview of all the security
vulnerabilities in your groups and projects. Read more about the
vulnerabilities in your groups, projects and pipelines. Read more about the
[Security Dashboard](../security_dashboard/index.md).
## Interacting with the vulnerabilities
......
......@@ -314,7 +314,7 @@ the report JSON unless stated otherwise. Presence of optional fields depends on
## Security Dashboard
The Security Dashboard is a good place to get an overview of all the security
vulnerabilities in your groups and projects. Read more about the
vulnerabilities in your groups, projects and pipelines. Read more about the
[Security Dashboard](../security_dashboard/index.md).
## Interacting with the vulnerabilities
......
......@@ -333,20 +333,10 @@ CI/CD configuration file to turn it on. Results are available in the SAST report
GitLab currently includes [Gitleaks](https://github.com/zricethezav/gitleaks) and [TruffleHog](https://github.com/dxa4481/truffleHog) checks.
## Security report under pipelines
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/3776)
in [GitLab Ultimate](https://about.gitlab.com/pricing) 10.6.
Visit any pipeline page which has a `sast` job and you will be able to see
the security report tab with the listed vulnerabilities (if any).
![Security Report](img/security_report.png)
## Security Dashboard
The Security Dashboard is a good place to get an overview of all the security
vulnerabilities in your groups and projects. Read more about the
vulnerabilities in your groups, projects and pipelines. Read more about the
[Security Dashboard](../security_dashboard/index.md).
## Interacting with the vulnerabilities
......
......@@ -5,7 +5,7 @@ type: reference, howto
# GitLab Security Dashboard **(ULTIMATE)**
The Security Dashboard is a good place to get an overview of all the security
vulnerabilities in your groups and projects.
vulnerabilities in your groups, projects and pipelines.
You can also drill down into a vulnerability and get extra information, see which
project it comes from, the file it's in, and various metadata to help you analyze
......@@ -26,7 +26,7 @@ The Security Dashboard supports the following reports:
## Requirements
To use the project or group security dashboard:
To use the group, project or pipeline security dashboard:
1. At least one project inside a group must be configured with at least one of
the [supported reports](#supported-reports).
......@@ -34,6 +34,16 @@ To use the project or group security dashboard:
1. [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 or newer must be used.
If you're using the shared Runners on GitLab.com, this is already the case.
## Pipeline Security Dashboard
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/13496) in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.3.
At the pipeline level, the Security Dashboard displays the vulnerabilities present in the branch of the project the pipeline was run against.
Visit the page for any pipeline which has run any of the [supported reports](#supported-reports). Click the **Security** tab to view the Security Dashboard.
![Pipeline Security Dashboard](img/pipeline_security_dashboard_v12_3.png)
## Project Security Dashboard
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6165) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.1.
......@@ -46,8 +56,7 @@ for your project. Use it to find and fix vulnerabilities affecting the
## Group Security Dashboard
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6709) in
> [GitLab Ultimate](https://about.gitlab.com/pricing) 11.5.
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6709) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.5.
The group Security Dashboard gives an overview of the vulnerabilities of all the
projects in a group and its subgroups.
......
......@@ -98,7 +98,7 @@ back to both GitLab and GitHub when completed.
1. The result of the job will be visible directly from the pipeline view:
![security report](img/gemnasium/report.png)
![Security Dashboard](../../application_security/security_dashboard/img/pipeline_security_dashboard_v12_3.png)
NOTE: **Note:**
If you don't commit very often to your project, you may want to use
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment