diff options
-rw-r--r-- | Gemfile | 3 | ||||
-rw-r--r-- | Gemfile.lock | 1 | ||||
-rw-r--r-- | doc/integration/advanced_search/elasticsearch.md | 2 | ||||
-rw-r--r-- | doc/user/application_security/vulnerabilities/index.md | 63 |
4 files changed, 44 insertions, 25 deletions
@@ -179,9 +179,6 @@ gem 'google-apis-serviceusage_v1', '~> 0.28.0' gem 'google-apis-sqladmin_v1beta4', '~> 0.41.0' gem 'google-apis-androidpublisher_v3', '~> 0.34.0' -# for aws storage -gem 'unf', '~> 0.1.4' - # Seed data gem 'seed-fu', '~> 2.3.7' diff --git a/Gemfile.lock b/Gemfile.lock index cd6ef711851..d35185f0e9d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2030,7 +2030,6 @@ DEPENDENCIES truncato (~> 0.7.12) typhoeus (~> 1.4.0) undercover (~> 0.4.4) - unf (~> 0.1.4) unleash (~> 3.2.2) valid_email (~> 0.1) validates_hostname (~> 1.0.13) diff --git a/doc/integration/advanced_search/elasticsearch.md b/doc/integration/advanced_search/elasticsearch.md index b8cf8599681..066c04081a5 100644 --- a/doc/integration/advanced_search/elasticsearch.md +++ b/doc/integration/advanced_search/elasticsearch.md @@ -5,7 +5,7 @@ group: Global Search info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Elasticsearch **(PREMIUM SELF)** +# Elasticsearch **(PREMIUM ALL)** This page describes how to enable advanced search. When enabled, advanced search provides faster search response times and [improved search features](../../user/search/advanced_search.md). diff --git a/doc/user/application_security/vulnerabilities/index.md b/doc/user/application_security/vulnerabilities/index.md index 359f1db481f..6bac4e9bc90 100644 --- a/doc/user/application_security/vulnerabilities/index.md +++ b/doc/user/application_security/vulnerabilities/index.md @@ -130,10 +130,6 @@ You can create either: - [A GitLab issue](#create-a-gitlab-issue-for-a-vulnerability) (default). - [A Jira issue](#create-a-jira-issue-for-a-vulnerability). -Creating a Jira issue requires that -[Jira integration](../../../integration/jira/index.md) is enabled on the project. Note -that when Jira integration is enabled, the GitLab issue feature is not available. - ### Create a GitLab issue for a vulnerability To create a GitLab issue for a vulnerability: @@ -169,26 +165,19 @@ fields are pre-populated from the vulnerability's details. Unlike GitLab issues, the status of whether a Jira issue is open or closed does not display in the GitLab user interface. -## Linking a vulnerability to issues - -NOTE: -If Jira issue support is enabled, GitLab issues are disabled so this feature is not available. +## Linking a vulnerability to GitLab and Jira issues -You can link a vulnerability to one or more existing GitLab issues. Adding a link helps track -the issue that resolves or mitigates a vulnerability. +You can link a vulnerability to one or more existing [GitLab](#create-a-gitlab-issue-for-a-vulnerability) +or [Jira](#create-a-jira-issue-for-a-vulnerability) issues. Only one linking feature is available at the same time. +Adding a link helps track the issue that resolves or mitigates a vulnerability. -Issues linked to a vulnerability are shown in the Vulnerability Report and the vulnerability's page. +### Link a vulnerability to existing GitLab issues -Be aware of the following conditions between a vulnerability and a linked issue: +Prerequisite: -- The vulnerability page shows related issues, but the issue page doesn't show the vulnerability - it's related to. -- An issue can only be related to one vulnerability at a time. -- Issues can be linked across groups and projects. +- [Jira issue integration](../../../integration/jira/configure.md) must not be enabled. -## Link a vulnerability to existing issues - -To link a vulnerability to existing issues: +To link a vulnerability to existing GitLab issues: 1. On the left sidebar, select **Search or go to** and find your project. 1. Select **Secure > Vulnerability report**. @@ -199,9 +188,43 @@ To link a vulnerability to existing issues: - Enter the issue's ID (prefixed with a hash `#`). 1. Select **Add**. -The selected issues are added to the **Linked issues** section, and the linked issues counter is +The selected GitLab issues are added to the **Linked items** section, and the linked issues counter is +updated. + +GitLab issues linked to a vulnerability are shown in the Vulnerability Report and the vulnerability's page. + +Be aware of the following conditions between a vulnerability and a linked GitLab issue: + +- The vulnerability page shows related issues, but the issue page doesn't show the vulnerability + it's related to. +- An issue can only be related to one vulnerability at a time. +- Issues can be linked across groups and projects. + +### Link a vulnerability to existing Jira issues + +Prerequisite: + +- [Jira issue integration](../../../integration/jira/configure.md) must be enabled, with option **Enable Jira issue creation from vulnerabilities** also enabled. + +To link a vulnerability to existing Jira issues, add the following line to the Jira issue's description: + +```plaintext +/-/security/vulnerabilities/<id> +``` + +`<id>` is any [vulnerability ID](../../../api/vulnerabilities.md#single-vulnerability). +You can add several lines with different IDs to one description. + +Jira issues with appropriate description are added to the **Related Jira issues** section, and the linked issues counter is updated. +Jira issues linked to a vulnerability are shown only on the vulnerability page. + +Be aware of the following conditions between a vulnerability and a linked Jira issue: + +- The vulnerability page and the issue page show the vulnerability they are related to. +- An issue can be related to one or more vulnerabilities at the same time. + ## Resolve a vulnerability For some vulnerabilities a solution is already known. In those instances, a vulnerability's page |