Commit 8a3f6502 authored by saikat sarkar's avatar saikat sarkar Committed by Russell Dickenson

Improve documentation around SAST failures in pipeline

Improve doc around SAST failures

Make error code link available

Refactor code
parent 191b9600
......@@ -51,6 +51,9 @@ However, DAST can be [configured](#full-scan)
to also perform a so-called "active scan". That is, attack your application and produce a more extensive security report.
It can be very useful combined with [Review Apps](../../../ci/review_apps/index.md).
NOTE: **Note:**
A pipeline may consist of multiple jobs, including SAST and DAST scanning. If any job fails to finish for any reason, the security dashboard will not show DAST scanner output. For example, if the DAST job finishes but the SAST job fails, the security dashboard will not show DAST results. The analyzer will output an [exit code](../../../development/integrations/secure.md#exit-code) on failure.
## Use cases
It helps you automatically find security vulnerabilities in your running web
......
......@@ -36,6 +36,9 @@ The results are sorted by the priority of the vulnerability:
1. Unknown
1. Everything else
NOTE: **Note:**
A pipeline consists of multiple jobs, including SAST and DAST scanning. If any job fails to finish for any reason, the security dashboard will not show SAST scanner output. For example, if the SAST job finishes but the DAST job fails, the security dashboard will not show SAST results. The analyzer will output an [exit code](../../../development/integrations/secure.md#exit-code) on failure.
## Use cases
- Your code has a potentially dangerous attribute in a class, or unsafe code
......
......@@ -44,6 +44,9 @@ Visit the page for any pipeline which has run any of the [supported reports](#su
![Pipeline Security Dashboard](img/pipeline_security_dashboard_v12_6.png)
NOTE: **Note:**
A pipeline consists of multiple jobs, including SAST and DAST scanning. If any job fails to finish for any reason, the security dashboard will not show SAST scanner output. For example, if the SAST job finishes but the DAST job fails, the security dashboard will not show SAST results. The analyzer will output an [exit code](../../../development/integrations/secure.md#exit-code) on failure.
## Project Security Dashboard
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6165) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.1.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment