Merge branch '254652-coverage-fuzzing-feature-flag-and-docs' into 'master'

Update coverage fuzzing docs and enable flag See merge request gitlab-org/gitlab!46651

Merge branch '254652-coverage-fuzzing-feature-flag-and-docs' into 'master'
Update coverage fuzzing docs and enable flag See merge request gitlab-org/gitlab!46651
51e21aa5 · Andrew Fontaine · f87fb956 · 93d77c7d · 51e21aa5 · 51e21aa5
Commit 51e21aa5 authored Nov 09, 2020 by Andrew Fontaine
5 changed files
--- a/config/feature_flags/development/coverage_fuzzing_mr_widget.yml
+++ b/config/feature_flags/development/coverage_fuzzing_mr_widget.yml
@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/257839
 milestone: '13.6'
 type: development
 group: group::fuzz testing
-default_enabled: false
+default_enabled: true
--- a/doc/user/application_security/coverage_fuzzing/img/coverage_fuzzing_report_v13_6.png
+++ b/doc/user/application_security/coverage_fuzzing/img/coverage_fuzzing_report_v13_6.png
--- a/doc/user/application_security/coverage_fuzzing/index.md
+++ b/doc/user/application_security/coverage_fuzzing/index.md
@@ -222,6 +222,34 @@ This essentially creates two steps:

 The `covfuzz-ci.yml` is the same as that in the [original synchronous example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example#running-go-fuzz-from-ci).

+## Interacting with the vulnerabilities
+
+After a vulnerability is found, you can [interact with it](../index.md#interacting-with-the-vulnerabilities).
+The merge request widget lists the vulnerability and contains a button for downloading the fuzzing
+artifacts. By clicking one of the detected vulnerabilities, you can see its details.
+
+![Coverage Fuzzing Security Report](img/coverage_fuzzing_report_v13_6.png)
+
+You can also view the vulnerability from the [Security Dashboard](../security_dashboard/index.md),
+which shows an overview of all the security vulnerabilities in your groups, projects, and pipelines.
+
+Clicking the vulnerability opens a modal that provides additional information about the
+vulnerability:
+
+- Status: The vulnerability's status. As with any type of vulnerability, a coverage fuzzing
+  vulnerability can be Detected, Confirmed, Dismissed, or Resolved.
+- Project: The project in which the vulnerability exists.
+- Crash type: The type of crash or weakness in the code. This typically maps to a [CWE](https://cwe.mitre.org/).
+- Crash state: A normalized version of the stacktrace, containing the last three functions of the
+  crash (without random addresses).
+- Stacktrace snippet: The last few lines of the stacktrace, which shows details about the crash.
+- Identifier: The vulnerability's identifier. This maps to either a [CVE](https://cve.mitre.org/)
+  or [CWE](https://cwe.mitre.org/).
+- Severity: The vulnerability's severity. This can be Critical, High, Medium, Low, Info, or Unknown.
+- Scanner: The scanner that detected the vulnerability (for example, Coverage Fuzzing).
+- Scanner Provider: The engine that did the scan. For Coverage Fuzzing, this can be any of the
+  engines listed in [Supported fuzzing engines and languages](#supported-fuzzing-engines-and-languages).
+
 ### Glossary

 - Seed corpus: The set of test cases given as initial input to the fuzz target. This usually speeds

--- a/ee/app/controllers/ee/projects/merge_requests_controller.rb
+++ b/ee/app/controllers/ee/projects/merge_requests_controller.rb
@@ -11,7 +11,7 @@ module EE
        before_action only: [:show] do
          push_frontend_feature_flag(:anonymous_visual_review_feedback)
          push_frontend_feature_flag(:missing_mr_security_scan_types, @project)
-          push_frontend_feature_flag(:coverage_fuzzing_mr_widget, @project)
+          push_frontend_feature_flag(:coverage_fuzzing_mr_widget, @project, default_enabled: true)
        end

        before_action :whitelist_query_limiting_ee_merge, only: [:merge]

--- a/ee/app/views/projects/merge_requests/show.html.haml
+++ b/ee/app/views/projects/merge_requests/show.html.haml
@@ -20,4 +20,4 @@
    window.gl.mrWidgetData.sast_comparison_path = '#{sast_reports_project_merge_request_path(@project, @merge_request) if @project.feature_available?(:sast)}'
    window.gl.mrWidgetData.dast_comparison_path = '#{dast_reports_project_merge_request_path(@project, @merge_request) if @project.feature_available?(:dast)}'
    window.gl.mrWidgetData.secret_scanning_comparison_path = '#{secret_detection_reports_project_merge_request_path(@project, @merge_request) if @project.feature_available?(:secret_detection)}'
-    window.gl.mrWidgetData.coverage_fuzzing_comparison_path = '#{coverage_fuzzing_reports_project_merge_request_path(@project, @merge_request) if @project.feature_available?(:coverage_fuzzing) && Feature.enabled?(:coverage_fuzzing_mr_widget, @project)}'
+    window.gl.mrWidgetData.coverage_fuzzing_comparison_path = '#{coverage_fuzzing_reports_project_merge_request_path(@project, @merge_request) if @project.feature_available?(:coverage_fuzzing) && Feature.enabled?(:coverage_fuzzing_mr_widget, @project, default_enabled: true)}'