d95e99f4
Commit
d95e99f4
authored
Feb 02, 2021
by
Daniel Tian
Committed by
Olena Horal-Koretska
Feb 02, 2021
Add scanner data to vulnerability pages
parent
4d0ca52e
Showing
9 changed files
with
117 additions
and
40 deletions
+117
-40
ee/app/assets/javascripts/security_dashboard/first_class_init.js
...assets/javascripts/security_dashboard/first_class_init.js
+53
-34
ee/app/helpers/ee/projects_helper.rb
ee/app/helpers/ee/projects_helper.rb
+2
-1
ee/app/helpers/groups/security_features_helper.rb
ee/app/helpers/groups/security_features_helper.rb
+2
-1
ee/app/helpers/security_helper.rb
ee/app/helpers/security_helper.rb
+2
-1
ee/app/services/vulnerability_scanners/list_service.rb
ee/app/services/vulnerability_scanners/list_service.rb
+22
-0
ee/spec/helpers/groups/security_features_helper_spec.rb
ee/spec/helpers/groups/security_features_helper_spec.rb
+2
-1
ee/spec/helpers/projects_helper_spec.rb
ee/spec/helpers/projects_helper_spec.rb
+4
-1
ee/spec/helpers/security_helper_spec.rb
ee/spec/helpers/security_helper_spec.rb
+4
-1
ee/spec/services/vulnerability_scanners/list_service_spec.rb
ee/spec/services/vulnerability_scanners/list_service_spec.rb
+26
-0
ee/app/assets/javascripts/security_dashboard/first_class_init.js
@@ -14,54 +14,81 @@ export default (el, dashboardType) => {
return
null
;
}
if
(
el
.
dataset
.
isUnavailable
)
{
const
{
isUnavailable
,
dashboardDocumentation
,
emptyStateSvgPath
,
noVulnerabilitiesSvgPath
,
notEnabledScannersHelpPath
,
noPipelineRunScannersHelpPath
,
hasVulnerabilities
,
scanners
,
securityDashboardHelpPath
,
projectAddEndpoint
,
projectListEndpoint
,
vulnerabilitiesExportEndpoint
,
projectFullPath
,
autoFixDocumentation
,
autoFixMrsPath
,
groupFullPath
,
instanceDashboardSettingsPath
,
pipelineCreatedAt
,
pipelineId
,
pipelinePath
,
pipelineSecurityBuildsFailedCount
,
pipelineSecurityBuildsFailedPath
,
}
=
el
.
dataset
;
if
(
isUnavailable
)
{
return
new
Vue
({
el
,
render
(
createElement
)
{
return
createElement
(
UnavailableState
,
{
props
:
{
link
:
el
.
dataset
.
dashboardDocumentation
,
svgPath
:
e
l
.
dataset
.
e
mptyStateSvgPath
,
link
:
dashboardDocumentation
,
svgPath
:
emptyStateSvgPath
,
},
});
},
});
}
const
provide
=
{};
const
provide
=
{
dashboardDocumentation
,
noVulnerabilitiesSvgPath
,
emptyStateSvgPath
,
notEnabledScannersHelpPath
,
noPipelineRunScannersHelpPath
,
hasVulnerabilities
:
parseBoolean
(
hasVulnerabilities
),
scanners
:
scanners
?
JSON
.
parse
(
scanners
)
:
[],
};
const
props
=
{
securityDashboardHelpPath
:
el
.
dataset
.
securityDashboardHelpPath
,
projectAddEndpoint
:
el
.
dataset
.
projectAddEndpoint
,
projectListEndpoint
:
el
.
dataset
.
projectListEndpoint
,
vulnerabilitiesExportEndpoint
:
el
.
dataset
.
vulnerabilitiesExportEndpoint
,
securityDashboardHelpPath
,
projectAddEndpoint
,
projectListEndpoint
,
vulnerabilitiesExportEndpoint
,
};
let
component
;
if
(
dashboardType
===
DASHBOARD_TYPES
.
PROJECT
)
{
component
=
FirstClassProjectSecurityDashboard
;
const
{
pipelineCreatedAt
:
createdAt
,
pipelineId
:
id
,
pipelinePath
:
path
,
pipelineSecurityBuildsFailedCount
:
securityBuildsFailedCount
,
pipelineSecurityBuildsFailedPath
:
securityBuildsFailedPath
,
}
=
el
.
dataset
;
props
.
pipeline
=
{
createdAt
,
id
,
path
,
securityBuildsFailedCount
:
Number
(
s
ecurityBuildsFailedCount
),
securityBuildsFailedPath
,
createdAt
:
pipelineCreatedAt
,
id
:
pipelineId
,
path
:
pipelinePath
,
securityBuildsFailedCount
:
Number
(
pipelineS
ecurityBuildsFailedCount
),
securityBuildsFailedPath
:
pipelineSecurityBuildsFailedPath
,
};
provide
.
projectFullPath
=
el
.
dataset
.
projectFullPath
;
provide
.
autoFixDocumentation
=
el
.
dataset
.
autoFixDocumentation
;
provide
.
autoFixMrsPath
=
el
.
dataset
.
autoFixMrsPath
;
provide
.
projectFullPath
=
projectFullPath
;
provide
.
autoFixDocumentation
=
autoFixDocumentation
;
provide
.
autoFixMrsPath
=
autoFixMrsPath
;
}
else
if
(
dashboardType
===
DASHBOARD_TYPES
.
GROUP
)
{
component
=
FirstClassGroupSecurityDashboard
;
props
.
groupFullPath
=
el
.
dataset
.
groupFullPath
;
props
.
groupFullPath
=
groupFullPath
;
}
else
if
(
dashboardType
===
DASHBOARD_TYPES
.
INSTANCE
)
{
provide
.
instanceDashboardSettingsPath
=
el
.
dataset
.
instanceDashboardSettingsPath
;
provide
.
instanceDashboardSettingsPath
=
instanceDashboardSettingsPath
;
component
=
FirstClassInstanceSecurityDashboard
;
}
@@ -73,15 +100,7 @@ export default (el, dashboardType) => {
store
,
router
,
apolloProvider
,
provide
:
()
=>
({
dashboardDocumentation
:
el
.
dataset
.
dashboardDocumentation
,
noVulnerabilitiesSvgPath
:
el
.
dataset
.
noVulnerabilitiesSvgPath
,
emptyStateSvgPath
:
el
.
dataset
.
emptyStateSvgPath
,
notEnabledScannersHelpPath
:
el
.
dataset
.
notEnabledScannersHelpPath
,
noPipelineRunScannersHelpPath
:
el
.
dataset
.
noPipelineRunScannersHelpPath
,
hasVulnerabilities
:
parseBoolean
(
el
.
dataset
.
hasVulnerabilities
),
...
provide
,
}),
provide
,
render
(
createElement
)
{
return
createElement
(
component
,
{
props
});
},
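Review bot: `scanners: scanners ? JSON.parse(scanners) : []` in the new `provide` object hands the dashboard components whatever `JSON.parse` returns, so a non-array payload in `data-scanners` is provided as-is, and malformed JSON throws inside this initializer and aborts the whole mount rather than degrading to an empty list. The attribute is rendered server-side by the helpers in this commit, so it is presumably well-formed, but a shape check is cheap: `const parsedScanners = scanners ? JSON.parse(scanners) : [];` followed by `scanners: Array.isArray(parsedScanners) ? parsedScanners : [],`. The exported arrow function these hunks edit starts before the first hunk (line 14 per the header) and continues past the second one.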
ee/app/helpers/ee/projects_helper.rb
@@ -253,7 +253,8 @@ module EE
no_pipeline_run_scanners_help_path:
new_project_pipeline_path
(
project
),
security_dashboard_help_path:
help_page_path
(
'user/application_security/security_dashboard/index'
),
auto_fix_documentation:
help_page_path
(
'user/application_security/index'
,
anchor:
'auto-fix-merge-requests'
),
auto_fix_mrs_path:
project_merge_requests_path
(
@project
,
label_name:
'GitLab-auto-fix'
)
auto_fix_mrs_path:
project_merge_requests_path
(
@project
,
label_name:
'GitLab-auto-fix'
),
scanners:
VulnerabilityScanners
::
ListService
.
new
(
project
).
execute
.
to_json
}.
merge!
(
security_dashboard_pipeline_data
(
project
))
end
end
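Review bot: The new `scanners:` entry inlines `VulnerabilityScanners::ListService.new(project).execute.to_json`, and the identical expression is repeated in `ee/app/helpers/groups/security_features_helper.rb` and `ee/app/helpers/security_helper.rb` with only the argument differing. Wrapping it once in a small shared helper such as `vulnerability_scanners_json(vulnerable)` that returns `VulnerabilityScanners::ListService.new(vulnerable).execute.to_json` would keep the three dashboards' `data-scanners` payloads in step if the serialized shape ever changes. This hash already mixes `project` and `@project` (`project_merge_requests_path(@project, ...)` two lines up); the new line uses `project`, matching the surrounding keys. The enclosing helper method starts outside the hunk.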
ee/app/helpers/groups/security_features_helper.rb
@@ -44,7 +44,8 @@ module Groups::SecurityFeaturesHelper
no_vulnerabilities_svg_path:
image_path
(
'illustrations/issues.svg'
),
empty_state_svg_path:
image_path
(
'illustrations/security-dashboard-empty-state.svg'
),
dashboard_documentation:
help_page_path
(
'user/application_security/security_dashboard/index'
),
vulnerabilities_export_endpoint:
expose_path
(
api_v4_security_groups_vulnerability_exports_path
(
id:
group
.
id
))
vulnerabilities_export_endpoint:
expose_path
(
api_v4_security_groups_vulnerability_exports_path
(
id:
group
.
id
)),
scanners:
VulnerabilityScanners
::
ListService
.
new
(
group
).
execute
.
to_json
}
end
end
ee/app/helpers/security_helper.rb
@@ -10,7 +10,8 @@ module SecurityHelper
project_add_endpoint:
security_projects_path
,
project_list_endpoint:
security_projects_path
,
instance_dashboard_settings_path:
settings_security_dashboard_path
,
vulnerabilities_export_endpoint:
expose_path
(
api_v4_security_vulnerability_exports_path
)
vulnerabilities_export_endpoint:
expose_path
(
api_v4_security_vulnerability_exports_path
),
scanners:
VulnerabilityScanners
::
ListService
.
new
(
InstanceSecurityDashboard
.
new
(
current_user
)).
execute
.
to_json
}
end
ee/app/services/vulnerability_scanners/list_service.rb
0 → 100644
# frozen_string_literal: true
module
VulnerabilityScanners
class
ListService
<
BaseService
def
initialize
(
vulnerable
)
@vulnerable
=
vulnerable
end
def
execute
@vulnerable
.
vulnerability_scanners
.
with_report_type
.
map
do
|
scanner
|
{
external_id:
scanner
.
external_id
,
vendor:
scanner
.
vendor
,
report_type:
::
Enums
::
Vulnerability
.
report_types
.
key
(
scanner
.
report_type
).
upcase
}
end
end
end
end
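Review bot: `::Enums::Vulnerability.report_types.key(scanner.report_type).upcase` in `execute` calls `upcase` on the result of `Hash#key`, which is `nil` whenever a scanner's `report_type` value is absent from the enum map; unless `with_report_type` guarantees that mapping (its definition is not part of this commit), one stray value raises `NoMethodError` and takes down the whole dashboard page instead of a single entry. `.key(scanner.report_type)&.upcase` would let the caller see a `nil` report type rather than an exception. The class also carries no comment on what `vulnerable` must respond to; suggest `# Lists the vulnerability scanners of a "vulnerable": a Project, Group or InstanceSecurityDashboard, i.e. anything responding to #vulnerability_scanners.` above `class ListService`.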
ee/spec/helpers/groups/security_features_helper_spec.rb
@@ -161,7 +161,8 @@ RSpec.describe Groups::SecurityFeaturesHelper do
no_vulnerabilities_svg_path:
'/images/illustrations/issues.svg'
,
empty_state_svg_path:
'/images/illustrations/security-dashboard-empty-state.svg'
,
dashboard_documentation:
'/help/user/application_security/security_dashboard/index'
,
vulnerabilities_export_endpoint:
"/api/v4/security/groups/
#{
group
.
id
}
/vulnerability_exports"
vulnerabilities_export_endpoint:
"/api/v4/security/groups/
#{
group
.
id
}
/vulnerability_exports"
,
scanners:
'[]'
}
end
ee/spec/helpers/projects_helper_spec.rb
@@ -155,12 +155,15 @@ RSpec.describe ProjectsHelper do
not_enabled_scanners_help_path:
help_page_path
(
'user/application_security/index'
,
anchor:
'quick-start'
),
no_pipeline_run_scanners_help_path:
"/
#{
project
.
full_path
}
/-/pipelines/new"
,
auto_fix_documentation:
help_page_path
(
'user/application_security/index'
,
anchor:
'auto-fix-merge-requests'
),
auto_fix_mrs_path:
end_with
(
'/merge_requests?label_name=GitLab-auto-fix'
)
auto_fix_mrs_path:
end_with
(
'/merge_requests?label_name=GitLab-auto-fix'
),
scanners:
'[{"external_id":"security_vendor","vendor":"Security Vendor","report_type":"SAST"}]'
}
end
before
do
create
(
:vulnerability
,
project:
project
)
scanner
=
create
(
:vulnerabilities_scanner
,
project:
project
,
external_id:
'security_vendor'
)
create
(
:vulnerabilities_finding
,
project:
project
,
scanner:
scanner
)
end
context
'without pipeline'
do
ee/spec/helpers/security_helper_spec.rb
@@ -6,6 +6,8 @@ RSpec.describe SecurityHelper do
describe
'#instance_security_dashboard_data'
do
subject
{
instance_security_dashboard_data
}
let_it_be
(
:current_user
)
{
create
(
:user
)
}
it
'returns vulnerability, project, feedback, asset, and docs paths for the instance security dashboard'
do
is_expected
.
to
eq
({
dashboard_documentation:
help_page_path
(
'user/application_security/security_dashboard/index'
,
anchor:
'instance-security-dashboard'
),
@@ -15,7 +17,8 @@ RSpec.describe SecurityHelper do
project_add_endpoint:
security_projects_path
,
project_list_endpoint:
security_projects_path
,
instance_dashboard_settings_path:
settings_security_dashboard_path
,
vulnerabilities_export_endpoint:
api_v4_security_vulnerability_exports_path
vulnerabilities_export_endpoint:
api_v4_security_vulnerability_exports_path
,
scanners:
'[]'
})
end
end
ee/spec/services/vulnerability_scanners/list_service_spec.rb
0 → 100644
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
VulnerabilityScanners
::
ListService
do
let_it_be
(
:group
)
{
create
(
:group
)
}
let_it_be
(
:project
)
{
create
(
:project
,
group:
group
)
}
let_it_be
(
:vulnerability_scanner
)
{
create
(
:vulnerabilities_scanner
,
project:
project
,
external_id:
'external_vendor'
)
}
let_it_be
(
:vulnerability_finding
)
{
create
(
:vulnerabilities_finding
,
project:
project
,
scanner:
vulnerability_scanner
)
}
let
(
:service
)
{
described_class
.
new
(
vulnerable
)
}
subject
(
:scanner_list
)
{
service
.
execute
}
context
'when looking for scanners for group'
do
let
(
:vulnerable
)
{
group
}
it
{
is_expected
.
to
eq
([{
external_id:
"external_vendor"
,
vendor:
"Security Vendor"
,
report_type:
"SAST"
}])
}
end
context
'when looking for scanners for project'
do
let
(
:vulnerable
)
{
project
}
it
{
is_expected
.
to
eq
([{
external_id:
"external_vendor"
,
vendor:
"Security Vendor"
,
report_type:
"SAST"
}])
}
end
end
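Review bot: The spec only exercises `group` and `project` as `vulnerable`, while `ee/app/helpers/security_helper.rb` in this same commit also passes `InstanceSecurityDashboard.new(current_user)` to the service; that third caller is covered only by `security_helper_spec.rb`, whose expectation of `scanners: '[]'` never verifies that an instance dashboard's scanners are actually returned. A third context, `context 'when looking for scanners for instance' do` with `let(:vulnerable) { InstanceSecurityDashboard.new(create(:user)) }` and the same expected array, would close that gap, provided the instance dashboard's scope includes `project` for that user (not determinable from this commit). The two existing `it` blocks also repeat the expected hash verbatim; a shared `let(:expected_scanners)` would keep them consistent.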