@@ -99,7 +99,7 @@ and complete an integration with the Secure stage.
...
@@ -99,7 +99,7 @@ and complete an integration with the Secure stage.
- In the [Security Dashboard](../../user/application_security/security_dashboard/index.md)([Dashboard data flow](https://gitlab.com/snippets/1910005#project-and-group-dashboards)).
- In the [Security Dashboard](../../user/application_security/security_dashboard/index.md)([Dashboard data flow](https://gitlab.com/snippets/1910005#project-and-group-dashboards)).
1. Optional: Provide a way to interact with results as Vulnerabilities:
1. Optional: Provide a way to interact with results as Vulnerabilities:
- Users can interact with the findings from your artifact within their workflow. They can dismiss the findings or accept them and create a backlog issue.
- Users can interact with the findings from your artifact within their workflow. They can dismiss the findings or accept them and create a backlog issue.
- To automatically create issues without user interaction, use the [issue API](../../api/issues.md). This will be replaced by [Standalone Vulnerabilities](https://gitlab.com/groups/gitlab-org/-/epics/634) in the future.
- To automatically create issues without user interaction, use the [issue API](../../api/issues.md).
1. Optional: Provide auto-remediation steps:
1. Optional: Provide auto-remediation steps:
- If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#automatic-remediation-for-vulnerabilities)
- If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#automatic-remediation-for-vulnerabilities)
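Review bot: In the issue API bullet, removing "This will be replaced by [Standalone Vulnerabilities](https://gitlab.com/groups/gitlab-org/-/epics/634) in the future." also removes the only pointer to that epic visible in this hunk. If integrators are expected to plan around it, keep the link in a present-tense sentence that promises nothing; otherwise the removal is fine. While this list is being touched, the unchanged Security Dashboard bullet has no space between the dashboard link and "([Dashboard data flow]", and the `remediations` bullet has no closing period in the lines shown.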
1. The last step is to provide the cluster details.
1. The last step is to provide the cluster details.
1. Give it a name, leave the environment scope as is, and choose the GCP project under which the cluster
1. Give it a name, leave the environment scope as is, and choose the GCP project under which to create the cluster.
will be created (per the instructions to [configure your Google account](#configuring-your-google-account), a project should have already been created for you).
(Per the instructions to [configure your Google account](#configuring-your-google-account), a project should have already been created for you.)
1. Choose the [region/zone](https://cloud.google.com/compute/docs/regions-zones/)under which the cluster will be created.
1. Choose the [region/zone](https://cloud.google.com/compute/docs/regions-zones/)to create the cluster in.
1. Enter the number of nodes you want it to have.
1. Enter the number of nodes you want it to have.
1. Choose the [machine type](https://cloud.google.com/compute/docs/machine-types).
1. Choose the [machine type](https://cloud.google.com/compute/docs/machine-types).
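Review bot: The reworded region/zone step still has no space after the link: "[region/zone](https://cloud.google.com/compute/docs/regions-zones/)to create the cluster in." renders as "region/zoneto"; add the space in the new line. In the step above it, the sentence now ends at "to create the cluster." and the parenthetical "(Per the instructions to ..." starts on its own line, so check that this line is indented under the list item; otherwise it breaks out of the numbered list and the following steps may restart numbering. "Give it a name" would also read more clearly as "Give the cluster a name".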
...
@@ -118,7 +118,7 @@ filled in the domain, click **Save changes**.
...
@@ -118,7 +118,7 @@ filled in the domain, click **Save changes**.
Prometheus should also be installed. It is an open-source monitoring and
Prometheus should also be installed. It is an open-source monitoring and
alerting system that is used to supervise the deployed application.
alerting system that is used to supervise the deployed application.
We will not install GitLab Runner as we use the shared runners that
Installing GitLab Runner is not required as we use the shared runners that
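Review bot: The new line "Installing GitLab Runner is not required as we use the shared runners that" removes the future-tense "We will not" but keeps the first-person "we" and uses "as" in the causal sense, which is easy to misread. Consider "because this guide uses the shared runners that" so the sentence is consistent with the rest of the rewording in this change.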
@@ -332,7 +332,7 @@ For information on this, see the [general Application Security troubleshooting s
...
@@ -332,7 +332,7 @@ For information on this, see the [general Application Security troubleshooting s
This error is usually caused by the `GIT_DEPTH` value of 50 that is set for all [projects by default](../../../ci/pipelines/settings.md#git-shallow-clone).
This error is usually caused by the `GIT_DEPTH` value of 50 that is set for all [projects by default](../../../ci/pipelines/settings.md#git-shallow-clone).
For example, if a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` is set to 50, the Secret Detection job will fail as the clone will not have been deep enough to contain all of the relevant commits.
For example, if a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` is set to 50, the Secret Detection job fails as the clone is not deep enough to contain all of the relevant commits.
You can confirm this to be the cause of the error by implementing a [logging level](../../application_security/secret_detection/index.md#logging-level) of `debug`. Once implemented, the logs should look similar to the following example, wherein an "object not found" error can be seen:
You can confirm this to be the cause of the error by implementing a [logging level](../../application_security/secret_detection/index.md#logging-level) of `debug`. Once implemented, the logs should look similar to the following example, wherein an "object not found" error can be seen:
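Review bot: In the reworded example sentence, "the Secret Detection job fails as the clone is not deep enough" uses "as" where "because" is meant; use "because" so the cause is unambiguous. The unchanged line that follows was not brought in line with the same tense and wording cleanup: "implementing a [logging level] ... of `debug`. Once implemented, the logs should look similar" could be "set the logging level to `debug`. The logs then look similar to the following example, which shows an "object not found" error".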