diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS
index 60abdd95e662f9b3f76b29ff243b60c567ce45bb..e1fc280bd1c7af4f60a5c4e4659eee8ab8114795 100644
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@@ -874,6 +874,7 @@ lib/gitlab/checks/**
/doc/user/award_emojis.md @msedlakjakubowski
/doc/user/clusters/ @phillipwells
/doc/user/compliance/ @rdickenson
+/doc/user/compliance/compliance_center/ @eread
/doc/user/compliance/compliance_report/ @eread
/doc/user/compliance/index.md @eread
/doc/user/crm/ @msedlakjakubowski
diff --git a/data/whats_new/202204210001_14_10.yml b/data/whats_new/202204210001_14_10.yml
index c4028662f59b09b073b4306e5d53a047a23b0c69..029dd19bcc71fc9d934bf49795ebcf3ca2d85788 100644
--- a/data/whats_new/202204210001_14_10.yml
+++ b/data/whats_new/202204210001_14_10.yml
@@ -5,7 +5,7 @@
self-managed: true
gitlab-com: true
available_in: [Ultimate]
- documentation_link: 'https://docs.gitlab.com/ee/user/compliance/compliance_report/'
+ documentation_link: 'https://docs.gitlab.com/ee/user/compliance/compliance_center/'
image_url: 'https://about.gitlab.com/images/14_10/manage_compliance_report_individual_violation.png'
published_at: 2022-04-22
release: 14.10
diff --git a/data/whats_new/202303220001_15_10.yml b/data/whats_new/202303220001_15_10.yml
index d2598fc8e2d0bd9627f2d139c6a87955540b04d1..cefd469fe411e4284ba9bf836e2b55e843c3c8f8 100644
--- a/data/whats_new/202303220001_15_10.yml
+++ b/data/whats_new/202303220001_15_10.yml
@@ -38,7 +38,7 @@
self-managed: true
gitlab-com: true
available_in: [Ultimate]
- documentation_link: 'https://docs.gitlab.com/ee/user/compliance/compliance_report/#compliance-frameworks-report'
+ documentation_link: 'https://docs.gitlab.com/ee/user/compliance/compliance_center/#compliance-frameworks-report'
image_url: 'https://about.gitlab.com/images/15_10/govern-compliance-framework-report.png'
published_at: 2023-03-22
release: 15.10
diff --git a/data/whats_new/202304220001_15_11.yml b/data/whats_new/202304220001_15_11.yml
index 38e5d8bef31c9dd46127174e41fd2a1954e76028..b9281c5a99ec828d8cb1217e72de368a6f8a6d70 100644
--- a/data/whats_new/202304220001_15_11.yml
+++ b/data/whats_new/202304220001_15_11.yml
@@ -22,7 +22,7 @@
self-managed: true
gitlab-com: true
available_in: [Ultimate]
- documentation_link: 'https://docs.gitlab.com/ee/user/compliance/compliance_report/#compliance-frameworks-report'
+ documentation_link: 'https://docs.gitlab.com/ee/user/compliance/compliance_center/#compliance-frameworks-report'
image_url: 'https://about.gitlab.com/images/15_11/govern-compliance-frameworks-report-management.png'
published_at: 2023-04-22
release: 15.11
diff --git a/doc/administration/compliance.md b/doc/administration/compliance.md
index 978e43b2e2c1810169a127e3d5b45ee113f2e8ed..5562d808befb14c9e97de54fa87500e059e82ef4 100644
--- a/doc/administration/compliance.md
+++ b/doc/administration/compliance.md
@@ -57,7 +57,7 @@ These features can help provide visibility into GitLab and audit what is happeni
| [Audit events](audit_events.md) | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | To maintain the integrity of your code, audit events give administrators the ability to view any modifications made in the GitLab server in an advanced audit events system, so you can control, analyze, and track every change. |
| [Audit reports](audit_reports.md) | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | Create and access reports based on the audit events that have occurred. Use pre-built GitLab reports or the API to build your own. |
| [Auditor users](auditor_users.md) | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Auditor users are users who are given read-only access to all projects, groups, and other resources on the GitLab instance. |
-| [Compliance report](../user/compliance/compliance_report/index.md) | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | Quickly get visibility into the compliance posture of your organization. |
+| [Compliance center](../user/compliance/compliance_center/index.md) | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | Quickly get visibility into the compliance posture of your organization. |
## Other compliance features
diff --git a/doc/development/export_csv.md b/doc/development/export_csv.md
index 971159e83b9bd5e6bbfd973457af87537b7c1f32..9b0205166bf960b5a7f5cef0407d4143dea6e7a5 100644
--- a/doc/development/export_csv.md
+++ b/doc/development/export_csv.md
@@ -8,14 +8,14 @@ info: To determine the technical writer assigned to the Stage/Group associated w
This document lists the different implementations of CSV export in GitLab codebase.
-| Export type | How it works | Advantages | Disadvantages | Existing examples |
-|---|---|---|---|---|
-| Streaming | - Query and yield data in batches to a response stream.<br>- Download starts immediately. | - Report available immediately. | - No progress indicator.<br>- Requires a reliable connection. | [Export Audit Event Log](../administration/audit_events.md#export-to-csv) |
-| Downloading | - Query and write data in batches to a temporary file.<br>- Loads the file into memory.<br>- Sends the file to the client. | - Report available immediately. | - Large amount of data might cause request timeout.<br>- Memory intensive.<br>- Request expires when user navigates to a different page. | - [Export Chain of Custody Report](../user/compliance/compliance_report/index.md#chain-of-custody-report)<br>- [Export License Usage File](../subscriptions/self_managed/index.md#export-your-license-usage) |
-| As email attachment | - Asynchronously process the query with background job.<br>- Email uses the export as an attachment. | - Asynchronous processing. | - Requires users use a different app (email) to download the CSV.<br>- Email providers may limit attachment size. | - [Export issues](../user/project/issues/csv_export.md)<br>- [Export merge requests](../user/project/merge_requests/csv_export.md) |
-| As downloadable link in email (*) | - Asynchronously process the query with background job.<br>- Email uses an export link. | - Asynchronous processing.<br>- Bypasses email provider attachment size limit. | - Requires users use a different app (email).<br>- Requires additional storage and cleanup. | [Export User Permissions](https://gitlab.com/gitlab-org/gitlab/-/issues/1772) |
-| Polling (non-persistent state) | - Asynchronously processes the query with the background job.<br>- Frontend(FE) polls every few seconds to check if CSV file is ready. | - Asynchronous processing.<br>- Automatically downloads to local machine on completion.<br>- In-app solution. | - Non-persistable request - request expires when user navigates to a different page.<br>- API is processed for each polling request. | [Export Vulnerabilities](../user/application_security/vulnerability_report/index.md#export-vulnerability-details) |
-| Polling (persistent state) (*) | - Asynchronously processes the query with background job.<br>- Backend (BE) maintains the export state<br>- FE polls every few seconds to check status.<br>- FE shows 'Download link' when export is ready.<br>- User can download or regenerate a new report. | - Asynchronous processing.<br>- No database calls made during the polling requests (HTTP 304 status is returned until export status changes).<br>- Does not require user to stay on page until export is complete.<br>- In-app solution.<br>- Can be expanded into a generic CSV feature (such as dashboard / CSV API). | - Requires to maintain export states in DB.<br>- Does not automatically download the CSV export to local machine, requires users to select 'Download'. | [Export Merge Commits Report](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43055) |
+| Export type | How it works | Advantages | Disadvantages | Existing examples |
+|---|---|---|---|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Streaming | - Query and yield data in batches to a response stream.<br>- Download starts immediately. | - Report available immediately. | - No progress indicator.<br>- Requires a reliable connection. | [Export Audit Event Log](../administration/audit_events.md#export-to-csv) |
+| Downloading | - Query and write data in batches to a temporary file.<br>- Loads the file into memory.<br>- Sends the file to the client. | - Report available immediately. | - Large amount of data might cause request timeout.<br>- Memory intensive.<br>- Request expires when user navigates to a different page. | - [Export Chain of Custody Report](../user/compliance/compliance_center/index.md#chain-of-custody-report)<br>- [Export License Usage File](../subscriptions/self_managed/index.md#export-your-license-usage) |
+| As email attachment | - Asynchronously process the query with background job.<br>- Email uses the export as an attachment. | - Asynchronous processing. | - Requires users use a different app (email) to download the CSV.<br>- Email providers may limit attachment size. | - [Export issues](../user/project/issues/csv_export.md)<br>- [Export merge requests](../user/project/merge_requests/csv_export.md) |
+| As downloadable link in email (*) | - Asynchronously process the query with background job.<br>- Email uses an export link. | - Asynchronous processing.<br>- Bypasses email provider attachment size limit. | - Requires users use a different app (email).<br>- Requires additional storage and cleanup. | [Export User Permissions](https://gitlab.com/gitlab-org/gitlab/-/issues/1772) |
+| Polling (non-persistent state) | - Asynchronously processes the query with the background job.<br>- Frontend(FE) polls every few seconds to check if CSV file is ready. | - Asynchronous processing.<br>- Automatically downloads to local machine on completion.<br>- In-app solution. | - Non-persistable request - request expires when user navigates to a different page.<br>- API is processed for each polling request. | [Export Vulnerabilities](../user/application_security/vulnerability_report/index.md#export-vulnerability-details) |
+| Polling (persistent state) (*) | - Asynchronously processes the query with background job.<br>- Backend (BE) maintains the export state<br>- FE polls every few seconds to check status.<br>- FE shows 'Download link' when export is ready.<br>- User can download or regenerate a new report. | - Asynchronous processing.<br>- No database calls made during the polling requests (HTTP 304 status is returned until export status changes).<br>- Does not require user to stay on page until export is complete.<br>- In-app solution.<br>- Can be expanded into a generic CSV feature (such as dashboard / CSV API). | - Requires to maintain export states in DB.<br>- Does not automatically download the CSV export to local machine, requires users to select 'Download'. | [Export Merge Commits Report](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43055) |
NOTE:
Export types marked as * are currently work in progress.
diff --git a/doc/user/compliance/compliance_center/index.md b/doc/user/compliance/compliance_center/index.md
new file mode 100644
index 0000000000000000000000000000000000000000..e30edd09428bb85b653537fd59a8dc749e696e42
--- /dev/null
+++ b/doc/user/compliance/compliance_center/index.md
@@ -0,0 +1,299 @@
+---
+type: reference, howto
+stage: Govern
+group: Compliance
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Compliance center **(ULTIMATE)**
+
+> [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/122931) from Compliance report in GitLab 16.3.
+
+See report and manage standards adherence, violations, and compliance frameworks for the group
+
+## Compliance violations report
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36524) in GitLab 12.8 as Compliance Dashboard.
+> - Compliance violation drawer [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299357) in GitLab 14.1.
+> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/issues/299360) to compliance report in GitLab 14.2.
+> - [Replaced](https://gitlab.com/groups/gitlab-org/-/epics/5237) by merge request violations in GitLab 14.6 [with a flag](../../../administration/feature_flags.md) named `compliance_violations_report`. Disabled by default.
+> - GraphQL API [introduced](https://gitlab.com/groups/gitlab-org/-/epics/7222) in GitLab 14.9.
+> - [Generally available](https://gitlab.com/groups/gitlab-org/-/epics/5237) in GitLab 14.10. [Feature flag `compliance_violations_report`](https://gitlab.com/gitlab-org/gitlab/-/issues/346266) removed.
+> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112111) to compliance violations report in GitLab 15.9.
+> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/394950) ability to create/edit compliance frameworks in GitLab 16.0.
+
+With compliance violations report, you can see a high-level view of merge request activity for all projects in the group.
+
+When you select a row in the compliance report, a drawer appears that provides:
+
+- The project name and [compliance framework label](../../project/settings/index.md#add-a-compliance-framework-to-a-project),
+ if the project has one assigned.
+- A link to the merge request that introduced the violation.
+- The merge request's branch path in the format `[source] into [target]`.
+- A list of users that committed changes to the merge request.
+- A list of users that commented on the merge request.
+- A list of users that approved the merge request.
+- The user that merged the merge request.
+
+### View the compliance violations report for a group
+
+> Target branch search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/358414) in GitLab 16.0.
+
+Prerequisites:
+
+- You must be an administrator or have the Owner role for the group.
+
+To view the compliance violations report:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+
+You can sort the compliance report on:
+
+- Severity level.
+- Type of violation.
+- Merge request title.
+
+You can filter the compliance violations report on:
+
+- Project.
+- Date range of merge.
+- Target branch.
+
+Select a row to see details of the compliance violation.
+
+#### Severity levels
+
+Each compliance violation has one of the following severities.
+
+<!-- vale gitlab.SubstitutionWarning = NO -->
+
+| Icon | Severity level |
+|:----------------------------------------------|:---------------|
+| **{severity-critical, 18, gl-fill-red-800}** | Critical |
+| **{severity-high, 18, gl-fill-red-600}** | High |
+| **{severity-medium, 18, gl-fill-orange-400}** | Medium |
+| **{severity-low, 18, gl-fill-orange-300}** | Low |
+| **{severity-info, 18, gl-fill-blue-400}** | Info |
+
+<!-- vale gitlab.SubstitutionWarning = YES -->
+
+#### Violation types
+
+From [GitLab 14.10](https://gitlab.com/groups/gitlab-org/-/epics/6870), these are the available compliance violations.
+
+| Violation | Severity level | Category | Description |
+|:----------------------------------|:---------------|:----------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| Author approved merge request | High | [Separation of duties](#separation-of-duties) | Author of the merge request approved their own merge request. For more information, see [Prevent approval by author](../../project/merge_requests/approvals/settings.md#prevent-approval-by-author). |
+| Committers approved merge request | High | [Separation of duties](#separation-of-duties) | Committers of the merge request approved the merge request they contributed to. For more information, see [Prevent approvals by users who add commits](../../project/merge_requests/approvals/settings.md#prevent-approvals-by-users-who-add-commits). |
+| Fewer than two approvals | High | [Separation of duties](#separation-of-duties) | Merge request was merged with fewer than two approvals. For more information, see [Merge request approval rules](../../project/merge_requests/approvals/rules.md). |
+
+The following are unavailable compliance violations that are tracked in [epic 5237](https://gitlab.com/groups/gitlab-org/-/epics/5237).
+
+<!-- vale gitlab.SubstitutionWarning = NO -->
+
+| Violation | Severity level | Category | Description |
+|:-------------------------------------|:---------------|:---------------------------------------------------------------------------------------|:---------------------------------------------------------------------------------------------------|
+| Pipeline failed | Medium | [Pipeline results](../../../ci/pipelines/index.md) | Merge requests pipeline failed and was merged. |
+| Pipeline passed with warnings | Info | [Pipeline results](../../../ci/pipelines/index.md) | Merge request pipeline passed with warnings and was merged. |
+| Code coverage down more than 10% | High | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of more than 10%. |
+| Code coverage down between 5% to 10% | Medium | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of between 5% to 10%. |
+| Code coverage down between 1% to 5% | Low | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of between 1% to 5%. |
+| Code coverage down less than 1% | Info | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of less than 1%. |
+
+<!-- vale gitlab.SubstitutionWarning = YES -->
+
+##### Separation of duties
+
+GitLab supports a separation of duties policy between users who create and approve merge requests. Our criteria for the
+separation of duties is:
+
+- [A merge request author is **not** allowed to approve their merge request](../../project/merge_requests/approvals/settings.md#prevent-approval-by-author).
+- [A merge request committer is **not** allowed to approve a merge request they have added commits to](../../project/merge_requests/approvals/settings.md#prevent-approvals-by-users-who-add-commits).
+- [The minimum number of approvals required to merge a merge request is **at least** two](../../project/merge_requests/approvals/rules.md).
+
+### Chain of Custody report
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213364) in GitLab 13.3.
+> - Chain of Custody reports sent using email [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/342594) in GitLab 15.3 with a flag named `async_chain_of_custody_report`. Disabled by default.
+> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/370100) in GitLab 15.5. Feature flag `async_chain_of_custody_report` removed.
+> - Chain of Custody report includes all commits (instead of just merge commits) [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267601) in GitLab 15.9 with a flag named `all_commits_compliance_report`. Disabled by default.
+> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112092) in GitLab 15.9. Feature flag `all_commits_compliance_report` removed.
+
+The Chain of Custody report provides a 1 month trailing window of all commits to a project under the group.
+
+To generate the report for all commits, GitLab:
+
+1. Fetches all projects under the group.
+1. For each project, fetches the last 1 month of commits. Each project is capped at 1024 commits. If there are more than
+ 1024 commits in the 1-month window, they are truncated.
+1. Writes the commits to a CSV file. The file is truncated at 15 MB because the report is emailed as an attachment
+ (GitLab 15.5 and later).
+
+The report includes:
+
+- Commit SHA.
+- Commit author.
+- Committer.
+- Date committed.
+- Group.
+- Project.
+
+If the commit has a related merge commit, then the following are also included:
+
+- Merge commit SHA.
+- Merge request ID.
+- User who merged the merge request.
+- Merge date.
+- Pipeline ID.
+- Merge request approvers.
+
+#### Generate Chain of Custody report
+
+To generate the Chain of Custody report:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. Select **List of all merge commits**.
+
+Depending on your version of GitLab, the Chain of Custody report is either sent through email or available for download.
+
+#### Generate commit-specific Chain of Custody report
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267629) in GitLab 13.6.
+> - Support for including all commits instead of only merge commits [added](https://gitlab.com/gitlab-org/gitlab/-/issues/393446) in GitLab 15.10.
+
+You can generate a commit-specific Chain of Custody report for a given commit SHA. This report provides only the
+details for the provided commit SHA.
+
+To generate a commit-specific Chain of Custody report:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. At the top of the compliance report, to the right of **List of all commits**, select the down arrow
+ (**{chevron-lg-down}**).
+1. Enter the commit SHA, and then select **Export commit custody report**.
+
+Depending on your version of GitLab, the Chain of Custody report is either sent through email or available for download.
+
+Alternatively, use a direct link: `https://gitlab.com/groups/<group-name>/-/security/merge_commit_reports.csv?commit_sha={optional_commit_sha}`,
+passing in an optional value to the `commit_sha` query parameter.
+
+## Compliance frameworks report
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387910) in GitLab 15.10.
+
+With compliance frameworks report, you can see the compliance frameworks that are applied to projects in a group. Each row of the report shows:
+
+- Project name.
+- Project path.
+- Compliance framework label if the project has one assigned.
+
+The default framework for the group has a **default** badge.
+
+### View the compliance frameworks report for a group
+
+Prerequisites:
+
+- You must be an administrator or have the Owner role for the group.
+
+To view the compliance frameworks report:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+
+### Apply a compliance framework to projects in a group
+
+> - Adding compliance frameworks using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11.
+> - Adding compliance frameworks without using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/394795) in GitLab 16.0.
+
+You can apply a compliance framework to projects in a group.
+
+Prerequisites:
+
+- You must have the Owner role for the group.
+
+To apply a compliance framework to one project in a group:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+1. Next to the project you want to add the compliance framework to, select **{plus}** **Add framework**.
+1. Select an existing compliance framework or create a new one.
+
+To apply a compliance framework to multiple projects in a group:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+1. Select multiple projects.
+1. From the **Choose one bulk action** dropdown list, select **Apply framework to selected projects**.
+1. Select framework to apply.
+1. Select **Apply**.
+
+### Remove a compliance framework from projects in a group
+
+> - Removing compliance frameworks using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11.
+> - Removing compliance frameworks without using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/394795) in GitLab 16.0.
+
+You can remove a compliance framework from projects in a group.
+
+Prerequisites:
+
+- You must have the Owner role for the group.
+
+To remove a compliance framework from one project in a group:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+1. Next to the compliance framework to remove from the project, select **{close}** on the framework label.
+
+To remove a compliance framework from multiple projects in a group:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+1. Select multiple projects.
+1. From the **Choose one bulk action** dropdown list, select **Remove framework from selected projects**.
+1. Select **Remove**.
+
+### Export a report of compliance frameworks on projects in a group
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387912) in GitLab 16.0.
+
+Export a report of compliance frameworks that are applied to projects in a group. Reports:
+
+- Do not use filters on the framework report.
+- Are truncated at 15 MB so the email attachment too large.
+
+Prerequisites:
+
+- You must be an administrator or have the Owner role for the group.
+
+To export a report of compliance frameworks on projects in a group:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+1. On the Frameworks tab, select the **Export as CSV** action in the top right corner
+
+A report is compiled and delivered to your email inbox as an attachment.
+
+#### Filter the compliance frameworks report
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387911) in GitLab 15.11.
+
+To filter the list of compliance frameworks:
+
+1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
+1. On the left sidebar, select **Secure > Compliance center**.
+1. On the page, select the **Frameworks** tab.
+1. In the search field:
+ 1. Select the attribute you want to filter by.
+ 1. Select an operator.
+ 1. Select from the list of options or enter text for the search.
+1. Select **Search** (**{search}**).
+
+Repeat this process to filter by multiple attributes.
diff --git a/doc/user/compliance/compliance_report/index.md b/doc/user/compliance/compliance_report/index.md
index ab80fbbba8e790191e2182140f49220a0d9c6fb6..998e9c81d18f975d9eb0d36c5caadaf93d1dba54 100644
--- a/doc/user/compliance/compliance_report/index.md
+++ b/doc/user/compliance/compliance_report/index.md
@@ -1,297 +1,11 @@
---
-type: reference, howto
-stage: Govern
-group: Compliance
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+redirect_to: '../compliance_center/index.md'
+remove_date: '2023-09-20'
---
-# Compliance reports **(ULTIMATE)**
+This document was moved to [another location](../compliance_center/index.md).
-See reports about compliance violations and compliance frameworks for the group.
-
-## Compliance violations report
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36524) in GitLab 12.8 as Compliance Dashboard.
-> - Compliance violation drawer [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299357) in GitLab 14.1.
-> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/issues/299360) to compliance report in GitLab 14.2.
-> - [Replaced](https://gitlab.com/groups/gitlab-org/-/epics/5237) by merge request violations in GitLab 14.6 [with a flag](../../../administration/feature_flags.md) named `compliance_violations_report`. Disabled by default.
-> - GraphQL API [introduced](https://gitlab.com/groups/gitlab-org/-/epics/7222) in GitLab 14.9.
-> - [Generally available](https://gitlab.com/groups/gitlab-org/-/epics/5237) in GitLab 14.10. [Feature flag `compliance_violations_report`](https://gitlab.com/gitlab-org/gitlab/-/issues/346266) removed.
-> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112111) to compliance violations report in GitLab 15.9.
-> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/394950) ability to create/edit compliance frameworks in GitLab 16.0.
-
-With compliance violations report, you can see a high-level view of merge request activity for all projects in the group.
-
-When you select a row in the compliance report, a drawer appears that provides:
-
-- The project name and [compliance framework label](../../project/settings/index.md#add-a-compliance-framework-to-a-project),
- if the project has one assigned.
-- A link to the merge request that introduced the violation.
-- The merge request's branch path in the format `[source] into [target]`.
-- A list of users that committed changes to the merge request.
-- A list of users that commented on the merge request.
-- A list of users that approved the merge request.
-- The user that merged the merge request.
-
-### View the compliance violations report for a group
-
-> Target branch search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/358414) in GitLab 16.0.
-
-Prerequisites:
-
-- You must be an administrator or have the Owner role for the group.
-
-To view the compliance violations report:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-
-You can sort the compliance report on:
-
-- Severity level.
-- Type of violation.
-- Merge request title.
-
-You can filter the compliance violations report on:
-
-- Project.
-- Date range of merge.
-- Target branch.
-
-Select a row to see details of the compliance violation.
-
-#### Severity levels
-
-Each compliance violation has one of the following severities.
-
-<!-- vale gitlab.SubstitutionWarning = NO -->
-
-| Icon | Severity level |
-|:----------------------------------------------|:---------------|
-| **{severity-critical, 18, gl-fill-red-800}** | Critical |
-| **{severity-high, 18, gl-fill-red-600}** | High |
-| **{severity-medium, 18, gl-fill-orange-400}** | Medium |
-| **{severity-low, 18, gl-fill-orange-300}** | Low |
-| **{severity-info, 18, gl-fill-blue-400}** | Info |
-
-<!-- vale gitlab.SubstitutionWarning = YES -->
-
-#### Violation types
-
-From [GitLab 14.10](https://gitlab.com/groups/gitlab-org/-/epics/6870), these are the available compliance violations.
-
-| Violation | Severity level | Category | Description |
-|:----------------------------------|:---------------|:----------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| Author approved merge request | High | [Separation of duties](#separation-of-duties) | Author of the merge request approved their own merge request. For more information, see [Prevent approval by author](../../project/merge_requests/approvals/settings.md#prevent-approval-by-author). |
-| Committers approved merge request | High | [Separation of duties](#separation-of-duties) | Committers of the merge request approved the merge request they contributed to. For more information, see [Prevent approvals by users who add commits](../../project/merge_requests/approvals/settings.md#prevent-approvals-by-users-who-add-commits). |
-| Fewer than two approvals | High | [Separation of duties](#separation-of-duties) | Merge request was merged with fewer than two approvals. For more information, see [Merge request approval rules](../../project/merge_requests/approvals/rules.md). |
-
-The following are unavailable compliance violations that are tracked in [epic 5237](https://gitlab.com/groups/gitlab-org/-/epics/5237).
-
-<!-- vale gitlab.SubstitutionWarning = NO -->
-
-| Violation | Severity level | Category | Description |
-|:-------------------------------------|:---------------|:---------------------------------------------------------------------------------------|:---------------------------------------------------------------------------------------------------|
-| Pipeline failed | Medium | [Pipeline results](../../../ci/pipelines/index.md) | Merge requests pipeline failed and was merged. |
-| Pipeline passed with warnings | Info | [Pipeline results](../../../ci/pipelines/index.md) | Merge request pipeline passed with warnings and was merged. |
-| Code coverage down more than 10% | High | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of more than 10%. |
-| Code coverage down between 5% to 10% | Medium | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of between 5% to 10%. |
-| Code coverage down between 1% to 5% | Low | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of between 1% to 5%. |
-| Code coverage down less than 1% | Info | [Code coverage](../../../ci/testing/code_coverage.md#view-code-coverage-results-in-the-mr) | Code coverage report for the merge request indicates a reduction in coverage of less than 1%. |
-
-<!-- vale gitlab.SubstitutionWarning = YES -->
-
-##### Separation of duties
-
-GitLab supports a separation of duties policy between users who create and approve merge requests. Our criteria for the
-separation of duties is:
-
-- [A merge request author is **not** allowed to approve their merge request](../../project/merge_requests/approvals/settings.md#prevent-approval-by-author).
-- [A merge request committer is **not** allowed to approve a merge request they have added commits to](../../project/merge_requests/approvals/settings.md#prevent-approvals-by-users-who-add-commits).
-- [The minimum number of approvals required to merge a merge request is **at least** two](../../project/merge_requests/approvals/rules.md).
-
-### Chain of Custody report
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213364) in GitLab 13.3.
-> - Chain of Custody reports sent using email [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/342594) in GitLab 15.3 with a flag named `async_chain_of_custody_report`. Disabled by default.
-> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/370100) in GitLab 15.5. Feature flag `async_chain_of_custody_report` removed.
-> - Chain of Custody report includes all commits (instead of just merge commits) [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267601) in GitLab 15.9 with a flag named `all_commits_compliance_report`. Disabled by default.
-> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112092) in GitLab 15.9. Feature flag `all_commits_compliance_report` removed.
-
-The Chain of Custody report provides a 1 month trailing window of all commits to a project under the group.
-
-To generate the report for all commits, GitLab:
-
-1. Fetches all projects under the group.
-1. For each project, fetches the last 1 month of commits. Each project is capped at 1024 commits. If there are more than
- 1024 commits in the 1-month window, they are truncated.
-1. Writes the commits to a CSV file. The file is truncated at 15 MB because the report is emailed as an attachment
- (GitLab 15.5 and later).
-
-The report includes:
-
-- Commit SHA.
-- Commit author.
-- Committer.
-- Date committed.
-- Group.
-- Project.
-
-If the commit has a related merge commit, then the following are also included:
-
-- Merge commit SHA.
-- Merge request ID.
-- User who merged the merge request.
-- Merge date.
-- Pipeline ID.
-- Merge request approvers.
-
-#### Generate Chain of Custody report
-
-To generate the Chain of Custody report:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. Select **List of all merge commits**.
-
-Depending on your version of GitLab, the Chain of Custody report is either sent through email or available for download.
-
-#### Generate commit-specific Chain of Custody report
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267629) in GitLab 13.6.
-> - Support for including all commits instead of only merge commits [added](https://gitlab.com/gitlab-org/gitlab/-/issues/393446) in GitLab 15.10.
-
-You can generate a commit-specific Chain of Custody report for a given commit SHA. This report provides only the
-details for the provided commit SHA.
-
-To generate a commit-specific Chain of Custody report:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. At the top of the compliance report, to the right of **List of all commits**, select the down arrow
- (**{chevron-lg-down}**).
-1. Enter the commit SHA, and then select **Export commit custody report**.
-
-Depending on your version of GitLab, the Chain of Custody report is either sent through email or available for download.
-
-Alternatively, use a direct link: `https://gitlab.com/groups/<group-name>/-/security/merge_commit_reports.csv?commit_sha={optional_commit_sha}`,
-passing in an optional value to the `commit_sha` query parameter.
-
-## Compliance frameworks report
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387910) in GitLab 15.10.
-
-With compliance frameworks report, you can see the compliance frameworks that are applied to projects in a group. Each row of the report shows:
-
-- Project name.
-- Project path.
-- Compliance framework label if the project has one assigned.
-
-The default framework for the group has a **default** badge.
-
-### View the compliance frameworks report for a group
-
-Prerequisites:
-
-- You must be an administrator or have the Owner role for the group.
-
-To view the compliance frameworks report:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-
-### Apply a compliance framework to projects in a group
-
-> - Adding compliance frameworks using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11.
-> - Adding compliance frameworks without using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/394795) in GitLab 16.0.
-
-You can apply a compliance framework to projects in a group.
-
-Prerequisites:
-
-- You must have the Owner role for the group.
-
-To apply a compliance framework to one project in a group:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-1. Next to the project you want to add the compliance framework to, select **{plus}** **Add framework**.
-1. Select an existing compliance framework or create a new one.
-
-To apply a compliance framework to multiple projects in a group:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-1. Select multiple projects.
-1. From the **Choose one bulk action** dropdown list, select **Apply framework to selected projects**.
-1. Select framework to apply.
-1. Select **Apply**.
-
-### Remove a compliance framework from projects in a group
-
-> - Removing compliance frameworks using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11.
-> - Removing compliance frameworks without using bulk actions [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/394795) in GitLab 16.0.
-
-You can remove a compliance framework from projects in a group.
-
-Prerequisites:
-
-- You must have the Owner role for the group.
-
-To remove a compliance framework from one project in a group:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-1. Next to the compliance framework to remove from the project, select **{close}** on the framework label.
-
-To remove a compliance framework from multiple projects in a group:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-1. Select multiple projects.
-1. From the **Choose one bulk action** dropdown list, select **Remove framework from selected projects**.
-1. Select **Remove**.
-
-### Export a report of compliance frameworks on projects in a group
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387912) in GitLab 16.0.
-
-Export a report of compliance frameworks that are applied to projects in a group. Reports:
-
-- Do not use filters on the framework report.
-- Are truncated at 15 MB so the email attachment too large.
-
-Prerequisites:
-
-- You must be an administrator or have the Owner role for the group.
-
-To export a report of compliance frameworks on projects in a group:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-1. On the Frameworks tab, select the **Export as CSV** action in the top right corner
-
-A report is compiled and delivered to your email inbox as an attachment.
-
-#### Filter the compliance frameworks report
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387911) in GitLab 15.11.
-
-To filter the list of compliance frameworks:
-
-1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your group.
-1. On the left sidebar, select **Secure > Compliance report**.
-1. On the page, select the **Frameworks** tab.
-1. In the search field:
- 1. Select the attribute you want to filter by.
- 1. Select an operator.
- 1. Select from the list of options or enter text for the search.
-1. Select **Search** (**{search}**).
-
-Repeat this process to filter by multiple attributes.
+<!-- This redirect file can be deleted after <2023-09-20>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/compliance/index.md b/doc/user/compliance/index.md
index ad36684d987978b2156d8316dbb97fa7bdae6d10..ae705b5edc6dd7a9bbc04cca0424ae7f58f08ae1 100644
--- a/doc/user/compliance/index.md
+++ b/doc/user/compliance/index.md
@@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
The compliance tools provided by GitLab help you keep an eye on various aspects of your project, including:
-- [Compliance report](compliance_report/index.md).
+- [Compliance center](compliance_center/index.md).
- [License approval policies](license_approval_policies.md).
- [License list](license_list.md).
- [License scanning of CycloneDX files](license_scanning_of_cyclonedx_files/index.md).
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 654fe928cd4e564395d91e4b81996cc7b75e496b..24a91b32542149e6dab9603e5bdb8661b5af55c9 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -27,7 +27,7 @@ organization view of all groups, [see epic 9266](https://gitlab.com/groups/gitla
A single top-level group provides insights in your entire organization via a complete
[Security Dashboard and Center](../application_security/security_dashboard/index.md),
[Vulnerability](../application_security/vulnerability_report/index.md#vulnerability-report) and
-[Compliance Report](../compliance/compliance_report/index.md), and
+[Compliance center](../compliance/compliance_center/index.md), and
[Value stream analytics](../group/value_stream_analytics/index.md).
## Group visibility
diff --git a/doc/user/group/manage.md b/doc/user/group/manage.md
index b7bdf236ff7355403c97cdb7bf1d34e9e273fcc8..c5a332d4ce0c34083270e367b83fb6baa2a4bcb7 100644
--- a/doc/user/group/manage.md
+++ b/doc/user/group/manage.md
@@ -15,7 +15,7 @@ organization view of all groups, [see epic 9266](https://gitlab.com/groups/gitla
A single top-level group provides insights in your entire organization via a complete
[Security Dashboard and Center](../application_security/security_dashboard/index.md),
[Vulnerability](../application_security/vulnerability_report/index.md#vulnerability-report) and
-[Compliance Report](../compliance/compliance_report/index.md), and
+[Compliance center](../compliance/compliance_center/index.md), and
[Value stream analytics](../group/value_stream_analytics/index.md).
## Add a group README
diff --git a/doc/user/project/merge_requests/approvals/settings.md b/doc/user/project/merge_requests/approvals/settings.md
index eed8cbcd94d41ace74eefdfed1ef4dc9cfe1af54..dea8c024d47dcea86ffeacd02c0f5c5680a56c8d 100644
--- a/doc/user/project/merge_requests/approvals/settings.md
+++ b/doc/user/project/merge_requests/approvals/settings.md
@@ -172,5 +172,5 @@ that inherited them.
## Related topics
- [Instance-level merge request approval settings](../../../admin_area/merge_requests_approvals.md)
-- [Compliance report](../../../compliance/compliance_report/index.md)
+- [Compliance center](../../../compliance/compliance_center/index.md)
- [Merge request approvals API](../../../../api/merge_request_approvals.md)
diff --git a/ee/app/assets/javascripts/approvals/components/group_settings/app.vue b/ee/app/assets/javascripts/approvals/components/group_settings/app.vue
index 1dc1581d7a2c9ba3e3819eca95598a7d5dffa34a..712329a1765aae7def34a4f37a9a3afb3fb08961 100644
--- a/ee/app/assets/javascripts/approvals/components/group_settings/app.vue
+++ b/ee/app/assets/javascripts/approvals/components/group_settings/app.vue
@@ -27,7 +27,7 @@ export default {
},
links: {
groupSettingsDocsPath: helpPagePath('user/project/merge_requests/approvals/index.md'),
- separationOfDutiesDocsPath: helpPagePath('user/compliance/compliance_report/index', {
+ separationOfDutiesDocsPath: helpPagePath('user/compliance/compliance_center/index', {
anchor: 'separation-of-duties',
}),
},
diff --git a/ee/app/assets/javascripts/compliance_dashboard/components/reports_app.vue b/ee/app/assets/javascripts/compliance_dashboard/components/reports_app.vue
index 2be2f1bcb4947a483801a3debc9f723a76b2a451..28ae839d9edc055a2bbcd720475c6126f852248b 100644
--- a/ee/app/assets/javascripts/compliance_dashboard/components/reports_app.vue
+++ b/ee/app/assets/javascripts/compliance_dashboard/components/reports_app.vue
@@ -69,22 +69,24 @@ export default {
ROUTE_VIOLATIONS,
ROUTE_FRAMEWORKS,
i18n: {
- export: s__('Compliance Report|Export full report as CSV'),
+ export: s__('Compliance Center|Export full report as CSV'),
exportTitle: {
frameworks: s__(
- 'Compliance Report|Export frameworks as CSV. You will be emailed after the export is processed.',
+ 'Compliance Center|Export frameworks as CSV. You will be emailed after the export is processed.',
),
violations: s__(
- 'Compliance Report|Export merge request violations as CSV. You will be emailed after the export is processed.',
+ 'Compliance Center|Export merge request violations as CSV. You will be emailed after the export is processed.',
),
},
- frameworksTab: s__('Compliance Report|Frameworks'),
- heading: __('Compliance report'),
- standardsAdherenceTab: s__('Compliance Report|Standards Adherence'),
- subheading: __('Compliance violations and compliance frameworks for the group.'),
- violationsTab: s__('Compliance Report|Violations'),
+ frameworksTab: s__('Compliance Center|Frameworks'),
+ heading: __('Compliance center'),
+ standardsAdherenceTab: s__('Compliance Center|Standards Adherence'),
+ subheading: __(
+ 'Report and manage standards adherence, violations, and compliance frameworks for the group.',
+ ),
+ violationsTab: s__('Compliance Center|Violations'),
},
- documentationPath: helpPagePath('user/compliance/compliance_report/index.md'),
+ documentationPath: helpPagePath('user/compliance/compliance_center/index.md'),
};
</script>
<template>
diff --git a/ee/app/views/admin/push_rules/_merge_request_approvals.html.haml b/ee/app/views/admin/push_rules/_merge_request_approvals.html.haml
index b06d5bf970c7ba668c322d7d18740d02add383bf..e698316953a8dddc5ad0ef0a13850fe88388f533 100644
--- a/ee/app/views/admin/push_rules/_merge_request_approvals.html.haml
+++ b/ee/app/views/admin/push_rules/_merge_request_approvals.html.haml
@@ -6,7 +6,7 @@
= render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
= expanded_by_default? ? _('Collapse') : _('Expand')
%p
- - duties_link_url = help_page_path('user/compliance/compliance_report/index', anchor: 'separation-of-duties')
+ - duties_link_url = help_page_path('user/compliance/compliance_center/index', anchor: 'separation-of-duties')
- link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: duties_link_url }
= s_('MergeRequestApprovals|Enforce %{link_start}separation of duties%{link_end} for all projects.').html_safe % { link_start: link_start, link_end: '</a>'.html_safe }
= link_to _("Learn more."), help_page_path("user/project/merge_requests/approvals/index.md"), target: '_blank', rel: 'noopener noreferrer'
diff --git a/ee/app/views/groups/security/compliance_dashboards/show.html.haml b/ee/app/views/groups/security/compliance_dashboards/show.html.haml
index 17aa1321d5f762bc248adf2f07ee319c491c9f1a..36711ce699f39e873a4a208e0f87721143076e53 100644
--- a/ee/app/views/groups/security/compliance_dashboards/show.html.haml
+++ b/ee/app/views/groups/security/compliance_dashboards/show.html.haml
@@ -1,5 +1,5 @@
-- breadcrumb_title _("Compliance report")
-- page_title _("Compliance report")
+- breadcrumb_title _("Compliance center")
+- page_title _("Compliance center")
#js-compliance-report{ data: {
can_add_edit: @group.subgroup? ? "false" : "true",
diff --git a/ee/app/views/projects/settings/merge_requests/_merge_request_approvals_settings.html.haml b/ee/app/views/projects/settings/merge_requests/_merge_request_approvals_settings.html.haml
index e12116a62b179b20844ae7b87b2bcd97157ffd63..3652e516eea68330837e07f88ca6a3afd090814f 100644
--- a/ee/app/views/projects/settings/merge_requests/_merge_request_approvals_settings.html.haml
+++ b/ee/app/views/projects/settings/merge_requests/_merge_request_approvals_settings.html.haml
@@ -5,7 +5,7 @@
.settings-header
%h4= _('Merge request approvals')
%p
- - duties_link_url = help_page_path('user/compliance/compliance_report/index', anchor: 'separation-of-duties')
+ - duties_link_url = help_page_path('user/compliance/compliance_center/index', anchor: 'separation-of-duties')
- link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: duties_link_url }
= s_('MergeRequestApprovals|Define approval rules and settings to ensure %{link_start}separation of duties%{link_end} for new merge requests.').html_safe % { link_start: link_start, link_end: '</a>'.html_safe }
= link_to _("Learn more."), help_page_path("user/project/merge_requests/approvals/index.md"), target: '_blank', rel: 'noopener noreferrer'
diff --git a/ee/lib/sidebars/groups/menus/security_compliance_menu.rb b/ee/lib/sidebars/groups/menus/security_compliance_menu.rb
index 47cba9769600427efe73711876048b086aed0a6a..32e651f15ee287edcc16baba758d0a4122b497ec 100644
--- a/ee/lib/sidebars/groups/menus/security_compliance_menu.rb
+++ b/ee/lib/sidebars/groups/menus/security_compliance_menu.rb
@@ -101,7 +101,7 @@ def compliance_menu_item
end
::Sidebars::MenuItem.new(
- title: _('Compliance report'),
+ title: _('Compliance center'),
link: group_security_compliance_dashboard_path(context.group),
super_sidebar_parent: ::Sidebars::Groups::SuperSidebarMenus::SecureMenu,
active_routes: { path: 'compliance_dashboards#show' },
diff --git a/ee/spec/features/groups/navbar_spec.rb b/ee/spec/features/groups/navbar_spec.rb
index afd264e5839fff688eb6ee51af280dbad309b0a5..d534eccf0b15c886414c9354b266bc11c1c6f528 100644
--- a/ee/spec/features/groups/navbar_spec.rb
+++ b/ee/spec/features/groups/navbar_spec.rb
@@ -254,7 +254,7 @@
nav_sub_items: [
_('Security dashboard'),
_('Vulnerability report'),
- _('Compliance report'),
+ _('Compliance center'),
_('Audit events')
]
}
diff --git a/ee/spec/frontend/approvals/components/group_settings/app_spec.js b/ee/spec/frontend/approvals/components/group_settings/app_spec.js
index 4485749cf0e9be478a276a445fd48f9c80e14cb6..5dc888aee249ee061aa1a43a964de5eec034c960 100644
--- a/ee/spec/frontend/approvals/components/group_settings/app_spec.js
+++ b/ee/spec/frontend/approvals/components/group_settings/app_spec.js
@@ -69,7 +69,7 @@ describe('EE Approvals Group Settings App', () => {
it.each`
findComponent | text | href
- ${findDescriptionLink} | ${'separation of duties'} | ${'/help/user/compliance/compliance_report/index#separation-of-duties'}
+ ${findDescriptionLink} | ${'separation of duties'} | ${'/help/user/compliance/compliance_center/index#separation-of-duties'}
${findLearnMoreLink} | ${'Learn more.'} | ${'/help/user/project/merge_requests/approvals/index.md'}
`('has the correct link for $text', ({ findComponent, text, href }) => {
createWrapper();
diff --git a/ee/spec/frontend/compliance_dashboard/components/reports_app_spec.js b/ee/spec/frontend/compliance_dashboard/components/reports_app_spec.js
index d0aee5e26181351b24f9d0a8d1eeec413b4543ec..bd0071071c1a5eb5ac144f9d4a06306a2295cc42 100644
--- a/ee/spec/frontend/compliance_dashboard/components/reports_app_spec.js
+++ b/ee/spec/frontend/compliance_dashboard/components/reports_app_spec.js
@@ -72,9 +72,11 @@ describe('ComplianceReportsApp component', () => {
it('passes the expected values to the header', () => {
expect(findHeader().props()).toMatchObject({
- heading: __('Compliance report'),
- subheading: __('Compliance violations and compliance frameworks for the group.'),
- documentationPath: '/help/user/compliance/compliance_report/index.md',
+ heading: __('Compliance center'),
+ subheading: __(
+ 'Report and manage standards adherence, violations, and compliance frameworks for the group.',
+ ),
+ documentationPath: '/help/user/compliance/compliance_center/index.md',
});
});
@@ -120,9 +122,11 @@ describe('ComplianceReportsApp component', () => {
it('passes the expected values to the header', () => {
expect(findHeader().props()).toMatchObject({
- heading: __('Compliance report'),
- subheading: __('Compliance violations and compliance frameworks for the group.'),
- documentationPath: '/help/user/compliance/compliance_report/index.md',
+ heading: __('Compliance center'),
+ subheading: __(
+ 'Report and manage standards adherence, violations, and compliance frameworks for the group.',
+ ),
+ documentationPath: '/help/user/compliance/compliance_center/index.md',
});
});
diff --git a/ee/spec/services/compliance_management/merge_requests/create_compliance_violations_service_spec.rb b/ee/spec/services/compliance_management/merge_requests/create_compliance_violations_service_spec.rb
index 6a851f5d7d806bfcdc7ef9f65aa85fb1f50f5104..5375fcd488c882522fb14ed0d822145a7ccc1d8d 100644
--- a/ee/spec/services/compliance_management/merge_requests/create_compliance_violations_service_spec.rb
+++ b/ee/spec/services/compliance_management/merge_requests/create_compliance_violations_service_spec.rb
@@ -19,7 +19,7 @@
end
end
- context 'when the compliance report feature is disabled' do
+ context 'when the compliance center feature is disabled' do
before do
stub_licensed_features(group_level_compliance_dashboard: false)
end
@@ -27,7 +27,7 @@
it_behaves_like 'does not call process_merge_request'
end
- context 'when the compliance report feature is enabled' do
+ context 'when the compliance center feature is enabled' do
before do
stub_licensed_features(group_level_compliance_dashboard: true)
end
diff --git a/ee/spec/services/ee/merge_requests/post_merge_service_spec.rb b/ee/spec/services/ee/merge_requests/post_merge_service_spec.rb
index 290e721e687846ab94c5d2312dc84b9d72bdef1e..79aa0f1eafad73ac9643c4e897bde8d89f99123c 100644
--- a/ee/spec/services/ee/merge_requests/post_merge_service_spec.rb
+++ b/ee/spec/services/ee/merge_requests/post_merge_service_spec.rb
@@ -33,7 +33,7 @@
end
end
- context 'when the compliance report feature is unlicensed' do
+ context 'when the compliance center feature is unlicensed' do
before do
stub_licensed_features(group_level_compliance_dashboard: false)
end
@@ -41,7 +41,7 @@
it_behaves_like 'does not call the compliance violations worker'
end
- context 'when the compliance report feature is licensed' do
+ context 'when the compliance center feature is licensed' do
before do
stub_licensed_features(group_level_compliance_dashboard: true)
end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 779f0e4fb2ae6bda9b4a9db1a7816d86b49ebd1a..2d39cc82515435120581687d81eef39f7dd90ad4 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -11712,31 +11712,28 @@ msgstr ""
msgid "Completed in %{duration_seconds} seconds (%{relative_time})"
msgstr ""
-msgid "Compliance Report|Export frameworks as CSV. You will be emailed after the export is processed."
+msgid "Compliance Center|Export frameworks as CSV. You will be emailed after the export is processed."
msgstr ""
-msgid "Compliance Report|Export full report as CSV"
+msgid "Compliance Center|Export full report as CSV"
msgstr ""
-msgid "Compliance Report|Export merge request violations as CSV. You will be emailed after the export is processed."
+msgid "Compliance Center|Export merge request violations as CSV. You will be emailed after the export is processed."
msgstr ""
-msgid "Compliance Report|Frameworks"
+msgid "Compliance Center|Frameworks"
msgstr ""
-msgid "Compliance Report|Standards Adherence"
+msgid "Compliance Center|Standards Adherence"
msgstr ""
-msgid "Compliance Report|Violations"
+msgid "Compliance Center|Violations"
msgstr ""
-msgid "Compliance framework"
-msgstr ""
-
-msgid "Compliance report"
+msgid "Compliance center"
msgstr ""
-msgid "Compliance violations and compliance frameworks for the group."
+msgid "Compliance framework"
msgstr ""
msgid "ComplianceFrameworks|Add framework"
@@ -38896,6 +38893,9 @@ msgstr ""
msgid "Report abuse to administrator"
msgstr ""
+msgid "Report and manage standards adherence, violations, and compliance frameworks for the group."
+msgstr ""
+
msgid "Report couldn't be prepared."
msgstr ""
diff --git a/qa/qa/ee/page/group/menu.rb b/qa/qa/ee/page/group/menu.rb
index 1bbf641ae65d5edd85be98cb2b374236df74b1b0..d84879c29a13f265be3b6ac3101da33be3620e63 100644
--- a/qa/qa/ee/page/group/menu.rb
+++ b/qa/qa/ee/page/group/menu.rb
@@ -124,7 +124,7 @@ def click_compliance_report_link
hover_security_and_compliance do
within_submenu do
- click_element(:sidebar_menu_item_link, menu_item: 'Compliance report')
+ click_element(:sidebar_menu_item_link, menu_item: 'Compliance center')
end
end
end
diff --git a/qa/qa/ee/page/group/sub_menus/super_sidebar/secure.rb b/qa/qa/ee/page/group/sub_menus/super_sidebar/secure.rb
index 7dd87a30e1cace51ff91af6db3d38abbaa416697..1ce03de07ad928538e91e0c00dbb8c8f799e35d1 100644
--- a/qa/qa/ee/page/group/sub_menus/super_sidebar/secure.rb
+++ b/qa/qa/ee/page/group/sub_menus/super_sidebar/secure.rb
@@ -18,7 +18,7 @@ def self.prepended(base)
end
def go_to_compliance_report
- open_secure_submenu('Compliance report')
+ open_secure_submenu('Compliance center')
end
end
end