diff --git a/app/assets/javascripts/security_configuration/components/configuration_table.vue b/app/assets/javascripts/security_configuration/components/configuration_table.vue
index 2110af1522b818a825ac14073463a7bc5fe99e15..7f250bf1365be6b52b03337a463eaeef684292d3 100644
--- a/app/assets/javascripts/security_configuration/components/configuration_table.vue
+++ b/app/assets/javascripts/security_configuration/components/configuration_table.vue
@@ -8,6 +8,7 @@ import {
REPORT_TYPE_DAST_PROFILES,
REPORT_TYPE_DEPENDENCY_SCANNING,
REPORT_TYPE_CONTAINER_SCANNING,
+ REPORT_TYPE_CLUSTER_IMAGE_SCANNING,
REPORT_TYPE_COVERAGE_FUZZING,
REPORT_TYPE_API_FUZZING,
REPORT_TYPE_LICENSE_COMPLIANCE,
@@ -46,6 +47,7 @@ export default {
[REPORT_TYPE_DAST_PROFILES]: Upgrade,
[REPORT_TYPE_DEPENDENCY_SCANNING]: Upgrade,
[REPORT_TYPE_CONTAINER_SCANNING]: Upgrade,
+ [REPORT_TYPE_CLUSTER_IMAGE_SCANNING]: Upgrade,
[REPORT_TYPE_COVERAGE_FUZZING]: Upgrade,
[REPORT_TYPE_API_FUZZING]: Upgrade,
[REPORT_TYPE_LICENSE_COMPLIANCE]: Upgrade,
diff --git a/app/assets/javascripts/security_configuration/components/constants.js b/app/assets/javascripts/security_configuration/components/constants.js
index f4e060fbcdc07a6ff520fccfed6e349d13dac2d1..ea2053b3326cda72a245ffb5792aca0b7bdf35cc 100644
--- a/app/assets/javascripts/security_configuration/components/constants.js
+++ b/app/assets/javascripts/security_configuration/components/constants.js
@@ -9,6 +9,7 @@ import {
REPORT_TYPE_SECRET_DETECTION,
REPORT_TYPE_DEPENDENCY_SCANNING,
REPORT_TYPE_CONTAINER_SCANNING,
+ REPORT_TYPE_CLUSTER_IMAGE_SCANNING,
REPORT_TYPE_COVERAGE_FUZZING,
REPORT_TYPE_API_FUZZING,
REPORT_TYPE_LICENSE_COMPLIANCE,
@@ -76,6 +77,18 @@ export const CONTAINER_SCANNING_CONFIG_HELP_PATH = helpPagePath(
{ anchor: 'configuration' },
);
+export const CLUSTER_IMAGE_SCANNING_NAME = __('ciReport|Cluster Image Scanning');
+export const CLUSTER_IMAGE_SCANNING_DESCRIPTION = __(
+ 'Check your Kubernetes cluster images for known vulnerabilities.',
+);
+export const CLUSTER_IMAGE_SCANNING_HELP_PATH = helpPagePath(
+ 'user/application_security/cluster_image_scanning/index',
+);
+export const CLUSTER_IMAGE_SCANNING_CONFIG_HELP_PATH = helpPagePath(
+ 'user/application_security/cluster_image_scanning/index',
+ { anchor: 'configuration' },
+);
+
export const COVERAGE_FUZZING_NAME = __('Coverage Fuzzing');
export const COVERAGE_FUZZING_DESCRIPTION = __(
'Find bugs in your code with coverage-guided fuzzing.',
@@ -131,6 +144,12 @@ export const scanners = [
helpPath: CONTAINER_SCANNING_HELP_PATH,
type: REPORT_TYPE_CONTAINER_SCANNING,
},
+ {
+ name: CLUSTER_IMAGE_SCANNING_NAME,
+ description: CLUSTER_IMAGE_SCANNING_DESCRIPTION,
+ helpPath: CLUSTER_IMAGE_SCANNING_HELP_PATH,
+ type: REPORT_TYPE_CLUSTER_IMAGE_SCANNING,
+ },
{
name: SECRET_DETECTION_NAME,
description: SECRET_DETECTION_DESCRIPTION,
@@ -203,6 +222,13 @@ export const securityFeatures = [
configurationHelpPath: CONTAINER_SCANNING_CONFIG_HELP_PATH,
type: REPORT_TYPE_CONTAINER_SCANNING,
},
+ {
+ name: CLUSTER_IMAGE_SCANNING_NAME,
+ description: CLUSTER_IMAGE_SCANNING_DESCRIPTION,
+ helpPath: CLUSTER_IMAGE_SCANNING_HELP_PATH,
+ configurationHelpPath: CLUSTER_IMAGE_SCANNING_CONFIG_HELP_PATH,
+ type: REPORT_TYPE_CLUSTER_IMAGE_SCANNING,
+ },
{
name: SECRET_DETECTION_NAME,
description: SECRET_DETECTION_DESCRIPTION,
diff --git a/app/assets/javascripts/vue_shared/security_reports/constants.js b/app/assets/javascripts/vue_shared/security_reports/constants.js
index 1cdcf87097f1feae9199c30539931413c81b0c56..4a50dfbd82f0581a35cdc30cdd16aad60abc7b7c 100644
--- a/app/assets/javascripts/vue_shared/security_reports/constants.js
+++ b/app/assets/javascripts/vue_shared/security_reports/constants.js
@@ -22,6 +22,7 @@ export const REPORT_TYPE_DAST_PROFILES = 'dast_profiles';
export const REPORT_TYPE_SECRET_DETECTION = 'secret_detection';
export const REPORT_TYPE_DEPENDENCY_SCANNING = 'dependency_scanning';
export const REPORT_TYPE_CONTAINER_SCANNING = 'container_scanning';
+export const REPORT_TYPE_CLUSTER_IMAGE_SCANNING = 'cluster_image_scanning';
export const REPORT_TYPE_COVERAGE_FUZZING = 'coverage_fuzzing';
export const REPORT_TYPE_LICENSE_COMPLIANCE = 'license_scanning';
export const REPORT_TYPE_API_FUZZING = 'api_fuzzing';
diff --git a/ee/app/assets/javascripts/security_dashboard/components/project/project_vulnerabilities.vue b/ee/app/assets/javascripts/security_dashboard/components/project/project_vulnerabilities.vue
index da690ed3b12e93cbe15a9808bc4e1a6af5e06712..8bd094cb503bb2a0fdfc00bd056cbb2031c5bee6 100644
--- a/ee/app/assets/javascripts/security_dashboard/components/project/project_vulnerabilities.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/project/project_vulnerabilities.vue
@@ -163,6 +163,7 @@ export default {
i18n: {
API_FUZZING: __('API Fuzzing'),
CONTAINER_SCANNING: __('Container Scanning'),
+ CLUSTER_IMAGE_SCANNING: __('ciReport|Cluster Image Scanning'),
COVERAGE_FUZZING: __('Coverage Fuzzing'),
SECRET_DETECTION: __('Secret Detection'),
DEPENDENCY_SCANNING: __('Dependency Scanning'),
diff --git a/ee/app/assets/javascripts/security_dashboard/store/constants.js b/ee/app/assets/javascripts/security_dashboard/store/constants.js
index 51329c748a36fa16465cec8f13739aeec7b9d692..6f015835e639209f1582dee23ea997ed30ac95bf 100644
--- a/ee/app/assets/javascripts/security_dashboard/store/constants.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/constants.js
@@ -13,6 +13,7 @@ export const SEVERITY_LEVELS = {
export const REPORT_TYPES = {
container_scanning: s__('ciReport|Container Scanning'),
+ cluster_image_scanning: s__('ciReport|Cluster Image Scanning'),
dast: s__('ciReport|DAST'),
dependency_scanning: s__('ciReport|Dependency Scanning'),
sast: s__('ciReport|SAST'),
diff --git a/ee/spec/frontend/security_dashboard/components/shared/filters/scanner_filter_spec.js b/ee/spec/frontend/security_dashboard/components/shared/filters/scanner_filter_spec.js
index 0ffc325476cf761ab179853fe321fa8a404e820f..832329f370c97283d1d16db4eb6a336928b9087b 100644
--- a/ee/spec/frontend/security_dashboard/components/shared/filters/scanner_filter_spec.js
+++ b/ee/spec/frontend/security_dashboard/components/shared/filters/scanner_filter_spec.js
@@ -26,13 +26,14 @@ const defaultScanners = [
createScannerConfig(DEFAULT_SCANNER, 'CONTAINER_SCANNING', 6),
createScannerConfig(DEFAULT_SCANNER, 'DAST', 7),
createScannerConfig(DEFAULT_SCANNER, 'DAST', 8),
+ createScannerConfig(DEFAULT_SCANNER, 'CLUSTER_IMAGE_SCANNING', 9),
];
const customScanners = [
...defaultScanners,
- createScannerConfig('Custom', 'SAST', 9),
createScannerConfig('Custom', 'SAST', 10),
- createScannerConfig('Custom', 'DAST', 11),
+ createScannerConfig('Custom', 'SAST', 11),
+ createScannerConfig('Custom', 'DAST', 12),
];
describe('Scanner Filter component', () => {
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 52229dc874979af4578db6c4b42bb4db8ceced0d..5786f4a40ebee176175db7fa06ccfaa1db68267a 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -6330,6 +6330,9 @@ msgstr ""
msgid "Check your Docker images for known vulnerabilities."
msgstr ""
+msgid "Check your Kubernetes cluster images for known vulnerabilities."
+msgstr ""
+
msgid "Check your source instance permissions."
msgstr ""
@@ -38305,6 +38308,9 @@ msgstr ""
msgid "ciReport|Checks"
msgstr ""
+msgid "ciReport|Cluster Image Scanning"
+msgstr ""
+
msgid "ciReport|Code quality"
msgstr ""