Commit 2d645a9c authored by Dheeraj Joshi's avatar Dheeraj Joshi

Add option to download scanned DAST resources in MR security reports

 - Disable scanned resources list fetching
 - Add option to download

This change will be reverted back once the following
performance issue is resolved:
https://gitlab.com/gitlab-org/gitlab/-/issues/322349

Changelog: changed
parent 816b507f
......@@ -4,13 +4,16 @@ query($fullPath: ID!, $pipelineIid: ID!) {
securityReportSummary {
dast {
scannedResourcesCsvPath
scannedResourcesCount
scannedResources {
nodes {
requestMethod
url
}
}
# The commented out fields will be added back by
# https://gitlab.com/gitlab-org/gitlab/-/issues/321586
#
# scannedResourcesCount
# scannedResources {
# nodes {
# requestMethod
# url
# }
# }
}
}
}
......
......@@ -606,6 +606,16 @@ export default {
:download-link="dastDownloadLink"
/>
</template>
<template v-else-if="dastDownloadLink">
<gl-link
download
:href="dastDownloadLink"
class="gl-ml-1"
data-testid="download-link"
>
({{ s__('SecurityReports|Download scanned resources') }})
</gl-link>
</template>
</summary-row>
<grouped-issues-list
v-if="hasDastIssues"
......
---
title: Add option to downlaod DAST scanned resources in MR Security Reports
merge_request: 61551
author:
type: changed
......@@ -599,6 +599,39 @@ describe('Grouped security reports app', () => {
expect(wrapper.find('[data-testid="dast-ci-job-link"]').exists()).toBe(false);
});
});
it('show download option when scanned resources are not available', () => {
mock.onGet(DAST_DIFF_ENDPOINT).reply(200, {
...dastDiffSuccessMock,
base_report_out_of_date: true,
});
const summaryWithoutScannedResources = {
scannedResourcesCsvPath: 'http://test',
};
createWrapper(
{
...props,
enabledReports: {
dast: true,
},
},
{
data: {
dastSummary: summaryWithoutScannedResources,
},
},
);
return waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_DIFF_SUCCESS).then(() => {
const findDownloadLink = wrapper.find('[data-testid="download-link"]');
expect(wrapper.text()).toContain('Download scanned resources');
expect(findDownloadLink.exists()).toBe(true);
expect(findDownloadLink.attributes('href')).toBe('http://test');
});
});
});
describe('secret scanning reports', () => {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment