Commit 829b421f authored by Lindsay Kerr's avatar Lindsay Kerr Committed by Russell Dickenson

FutureTense style clean up for Secure & Protect

parent 029a3c00
...@@ -399,7 +399,7 @@ isn't a stable identifier and you shouldn't assume it as such when tracking vuln ...@@ -399,7 +399,7 @@ isn't a stable identifier and you shouldn't assume it as such when tracking vuln
The maximum number of identifiers for a vulnerability is set as 20. If a vulnerability has more than 20 identifiers, The maximum number of identifiers for a vulnerability is set as 20. If a vulnerability has more than 20 identifiers,
the system saves only the first 20 of them. Note that vulnerabilities in the [Pipeline the system saves only the first 20 of them. Note that vulnerabilities in the [Pipeline
Security](../../user/application_security/security_dashboard/#pipeline-security) Security](../../user/application_security/security_dashboard/#pipeline-security)
tab do not enforce this limit and will show all identifiers present in the report artifact. tab do not enforce this limit and all identifiers present in the report artifact are displayed.
### Location ### Location
......
...@@ -99,7 +99,7 @@ and complete an integration with the Secure stage. ...@@ -99,7 +99,7 @@ and complete an integration with the Secure stage.
- In the [Security Dashboard](../../user/application_security/security_dashboard/index.md) ([Dashboard data flow](https://gitlab.com/snippets/1910005#project-and-group-dashboards)). - In the [Security Dashboard](../../user/application_security/security_dashboard/index.md) ([Dashboard data flow](https://gitlab.com/snippets/1910005#project-and-group-dashboards)).
1. Optional: Provide a way to interact with results as Vulnerabilities: 1. Optional: Provide a way to interact with results as Vulnerabilities:
- Users can interact with the findings from your artifact within their workflow. They can dismiss the findings or accept them and create a backlog issue. - Users can interact with the findings from your artifact within their workflow. They can dismiss the findings or accept them and create a backlog issue.
- To automatically create issues without user interaction, use the [issue API](../../api/issues.md). This will be replaced by [Standalone Vulnerabilities](https://gitlab.com/groups/gitlab-org/-/epics/634) in the future. - To automatically create issues without user interaction, use the [issue API](../../api/issues.md).
1. Optional: Provide auto-remediation steps: 1. Optional: Provide auto-remediation steps:
- If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#automatic-remediation-for-vulnerabilities) - If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#automatic-remediation-for-vulnerabilities)
interface. interface.
......
...@@ -76,9 +76,9 @@ to deploy this application under. ...@@ -76,9 +76,9 @@ to deploy this application under.
![Google auth](../autodevops/img/guide_google_auth_v12_3.png) ![Google auth](../autodevops/img/guide_google_auth_v12_3.png)
1. The last step is to provide the cluster details. 1. The last step is to provide the cluster details.
1. Give it a name, leave the environment scope as is, and choose the GCP project under which the cluster 1. Give it a name, leave the environment scope as is, and choose the GCP project under which to create the cluster.
will be created (per the instructions to [configure your Google account](#configuring-your-google-account), a project should have already been created for you). (Per the instructions to [configure your Google account](#configuring-your-google-account), a project should have already been created for you.)
1. Choose the [region/zone](https://cloud.google.com/compute/docs/regions-zones/) under which the cluster will be created. 1. Choose the [region/zone](https://cloud.google.com/compute/docs/regions-zones/) to create the cluster in.
1. Enter the number of nodes you want it to have. 1. Enter the number of nodes you want it to have.
1. Choose the [machine type](https://cloud.google.com/compute/docs/machine-types). 1. Choose the [machine type](https://cloud.google.com/compute/docs/machine-types).
...@@ -118,7 +118,7 @@ filled in the domain, click **Save changes**. ...@@ -118,7 +118,7 @@ filled in the domain, click **Save changes**.
Prometheus should also be installed. It is an open-source monitoring and Prometheus should also be installed. It is an open-source monitoring and
alerting system that is used to supervise the deployed application. alerting system that is used to supervise the deployed application.
We will not install GitLab Runner as we use the shared runners that Installing GitLab Runner is not required as we use the shared runners that
GitLab.com provides. GitLab.com provides.
## Enabling Auto DevOps (optional) ## Enabling Auto DevOps (optional)
......
...@@ -332,7 +332,7 @@ For information on this, see the [general Application Security troubleshooting s ...@@ -332,7 +332,7 @@ For information on this, see the [general Application Security troubleshooting s
This error is usually caused by the `GIT_DEPTH` value of 50 that is set for all [projects by default](../../../ci/pipelines/settings.md#git-shallow-clone). This error is usually caused by the `GIT_DEPTH` value of 50 that is set for all [projects by default](../../../ci/pipelines/settings.md#git-shallow-clone).
For example, if a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` is set to 50, the Secret Detection job will fail as the clone will not have been deep enough to contain all of the relevant commits. For example, if a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` is set to 50, the Secret Detection job fails as the clone is not deep enough to contain all of the relevant commits.
You can confirm this to be the cause of the error by implementing a [logging level](../../application_security/secret_detection/index.md#logging-level) of `debug`. Once implemented, the logs should look similar to the following example, wherein an "object not found" error can be seen: You can confirm this to be the cause of the error by implementing a [logging level](../../application_security/secret_detection/index.md#logging-level) of `debug`. Once implemented, the logs should look similar to the following example, wherein an "object not found" error can be seen:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment