►
From YouTube: Security Dashboard Integration Task Breakdown
Description
Sam has been working on the Security Dashboard Integration recently. As the task has shown to be bigger than expected, we had a talk/planning on how to divide it so that multiple people can work at the same time on different parts of it.
Here is the MR for the plan we decided to follow during this talk: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/27674
B
Right,
where
are
we,
what
we're
doing
we're
replacing
all
of
the
the
sorry
we're
changing
the
way
that
we
lured
vulnerabilities
on
the
various
dashboards?
We
have
pipeline
dashboard,
sorry,
security,
dashboards,
pipeline
security,
dashboard
project
security,
dashboard
group,
security,
dashboard
and
the
incidents
level
security
dashboard.
B
The
pipeline
security
dashboard
is
saying
exactly
the
same,
so
we
don't
worry
about
that
one,
but
we
are
changing
in
the
underlying
data
for
the
group
project
and
instance,
security
dashboards,
so
there
they're
no
longer
be
gone,
going
to
be
best
of
vulnerability
findings,
which
is
what
they've
always
been
based
off:
we're
going
to
base
them
off
these
new
first
class
vulnerabilities
or
standalone
vulnerabilities.
Whatever
we
decide
we're
finally
going
to
call
them
second,
that
these
dashboards
are
currently
using
rest
endpoints
with
view
X
and
the
first
class
vulnerabilities,
they
are
using
graph
QL.
B
B
If
the
feature
flag
is
enabled,
so
we
need
to
use
the
first
class
vulnerabilities,
then
we
lured
the
graph
QL
wrapper
and
then
that
sends
all
the
data
down
to
the
same
components.
This
is
the
plan.
The
problem
we
have
at
the
moment
is
a
lot
of
these
components
are
sort
of
very
heavily
tied
to
view
X
they
dispatch
actions.
They
do
all
sorts
of
things.
B
So
one
thing
we
need
to
do
is
sever
them
ties
to
view
X
and
just
pass
things
down
as
much
as
we
can
and
pull
up
events
and
things
so
that
we
can
just
have
these
sort
of
top-level
components
that
will
deal
with
the
day
just
pass
it
down
at
these
these
components
so
that
we
can,
you
know
we
can
reuse
these
as
much
as
possible.
So
not
only
is
is
this
view
X
thing
used
when
the
feature
flags
turned
off.
B
B
So
that's
that's!
The
sort
of
high-level
idea.
I
have
already
started
down
this.
This
is
in
this
branch
here
that
you
can't
read
fully
book.
It's
not
a
branch,
it's
not
in
master
yet,
so,
if
you
don't
see
it,
that's
why
this
is
the
group
security
dashboard
page.
So
this
is
the
entry
point
for
the
group
security
dashboard
and
we
just
said
if
the
first
class
vulnerabilities
feature
is
enabled,
then
we
initialize
the
first
class
dashboard.
B
So
we're
with
this
now,
so
this
is
the
original
security
dashboard
and
you
can
see
it's
got
all
this
view
X
stuff
inside
it.
So
we've
got
all
of
the
computed
props
that
were
pulling
from
the
stores
and
then,
when
we've
created
the
page,
we're
setting
all
the
end
points
and
then
fetching
things,
and
then
we
have
all
of
these
actions
and
things.
So
this
is
very,
very
heavily
view
X.
So
this
is
gonna,
be
the
thing
that
passes
down
all
the
Dare
to
our
different
components.
B
B
Project,
that's
project,
dashboard,
that's
what
it's
called,
so
we
load
in
this
first
class
project
dashboard
which
has
oh-oh
it
doesn't
yet
actually,
but
this
will
have
all
of
the
graph
QL
stuff
inside
and
it'll,
pass
it
down
to
this
new
first
class
dashboard,
which
just
has
various
slots
for
where
all
the
data
goes.
So
this
is
more
of
a
layout
style
component,
so
the
project
dashboard
right
now
it
has
this
project
vulnerabilities,
app.
B
This
one
here
so
this
is
where
all
the
graph
QL
stuff
is
currently,
but
we
should
probably
move
that
up
a
level
into
the
this
project
dashboard
so
that
all
the
other
components
can
can
access
it.
But
this
just
you
can
see
here's
the
graph
QL
stuff
for
it,
so
it
just
pulls
in
all
the
vulnerabilities.
B
It's
got
a
link
from
the
Billy's
query
that
we
import
it
down
here,
and
these
are
just
you
know
normal
graph,
QL
queries
with
some
fragments
in
for
reusability,
and
then
we
do
all
of
the
I'm
not
gonna
go
too
far
into
how
all
this
works,
but
it
just
basically
it
pulls
all
of
the
vulnerabilities
out
of
the
graph
QL
stuff
and
then
passes
them
down
here
to
a
fun
ability
list.
So
this
is
just
a
list
of
fun
abilities
so
that
that's
what
we
have
right
now,
the
actual
dashboard
itself.
B
Yes,
so
this
Emma
will
be
rather
large
right
now,
which
is
kind
of
why
we're
having
this
conversation
is
to
work
out
how
we
split
this,
because
this
this
will
take
probably
months
to
go
through
so
originally,
you
know,
you
know
how
you
start
down
a
line
like
oh
yeah.
This
would
be.
This
would
be
a
quick
shot
Emma
and
then
you
are
no
neat
change
this
as
well.
I
actually
I
need
to
change
this
so
I'm
at
I'm.
At
that
point
right
now.
Oh
this
is
the
group
dashboard.
B
B
It
might
be
easier
if
I
push
up
what
I've
got
now
and
put
it
in
for
a
work-in-progress
Emma,
and
then
we
get
the
diff
view
and
we
can
see
alright.
Okay.
This
is
a
chunk
that
we
could
splay
out
or
whatever
yeah,
but
so
right
now
this
all
of
this,
all
of
it
all
that
it
does
is
Lord
the
vulnerabilities
into
the
security
dashboard.
There's,
there's
no
fillers,
there's
not
counts.
There's
no.
A
B
Is
all
the
the
graph
qld
yeah
and
then
clicking
through
these?
Takes
you
to
the
standalone
page
and
everything?
So
it's
the
first
class
or
stand
alone
and
vulnerable
ease
there
on
this
list,
but
obviously
it
looks
nothing
like
this
yet
so
this
is
the
the
end
goal
yeah.
This
is
where
we
are
right
now
and.
B
Yeah
definitely
so
this
is
something
I
always
meant
to
bring
up
to
Matt,
there's
a
lot
of
issues
that
are
changing
things
on
the
security
dashboard
and
there's
also
this
giant
issue
that
completely
rewrites
the
security
dashboard.
So
we
should
probably
be
put
in
the
others
on
hold
for
a
little
bit
to
give
us
a
bit
of
leeway,
because
otherwise
we're
just
doing
everything
twice.
A
A
B
A
A
B
A
B
A
B
B
B
The
the
columns
are
totally
different
yeah,
the
naming
of
the
day
are,
is
totally
different,
which
is
a
little
annoying,
but
it
is
what
it
is.
So
this
is
I
can't
remember
exactly
what
it
is,
but
it's
like
its
name
in
one
its
title
in
the
other.
It's
they're
slightly
different,
and
that
would
the
big
difference
between
them
is
when
I
hover
over
these.
You
see
you
get
these
actions
yeah
and
clicking
on.
It
opens
a
model
that
has
all
of
these
different
bits
and
pieces.
The
vulnerability
list
has
none
of
that.
B
B
A
We
can
use
that
okay,
I
could
okay,
we
could
use
something
like
this
and
one
one
person
works
on
the
UX
and
then
the
other
one
works
on
graph
Cal
right.
As
long
as
we
have
this,
the
bottom
is
the
layout
is
actually
ready.
Maybe
we
can
start
working
on
that
separately.
We
won't
actually
have
merge
conflicts.
Maybe
yes,.
A
B
A
B
It
make
yes
I
suppose
I
mean
I.
Hadn't
really
thought
so
that
I
hadn't
thought
of
the.
A
A
B
Originally
that
wasn't
my
plan,
but,
to
be
honest,
that's
maybe
not
a
bad
plan.
I
mean
I
rename
this
it's
not
first-class
dashboards,
a
terrible
name
for
it,
but
so
all
this
is
really
is
just
the
layout.
That's
been
pulled
out
of
this
so
making
this
use
that
layout
component
with
all
the
slots
and
things
is
probably
not
a
terrible
idea.
Yeah.
A
B
A
good
idea
I
like
that
idea:
okay,
okay
and
then
yeah.
So
one
of
the
things
I
was
no
sorry
mark
my
head's
all
over
the
place
at
the
moment.
To
be
honest,
should
we
start
there
yeah
and
then
and
then
catch
up
again?
You
know
in
a
couple
of
days
or
whatever
and
and
go
from
there
I'll
push
up
what
I've
got
here
as
well,
so
that
you
can
have
a
look
and
see
if
there's
anything
else,
that
you
think
you
can
split
the
another
thing
that
we
could
split
off
as
well.
B
B
Yeah
this
is
it
right,
so
this
is
how
I'd
originally
split
up
the
work
refactor
the
filter
component,
to
rely
on
props
instead
of
actions,
that's
done,
create
separate
graph
QL
based
dashboard
that
pulls
in
the
vulnerability
list.
Toggle
is
based
on
the
feature
flag.
That's
what
I'm
doing
right
now,
yeah
mm-hmm!
B
A
B
A
A
And
also
it's
like
sleeping
with
this
fifth
speaker
right
now
that
the
place
where
the
filters
are
doesn't
really
make
sense.
There's
there
are
the
countries
in
between
like
there's
a
list.
There
are
the
contours.
Does
it
make
sense
to
come
to
you
on
top,
but
it's
a
one
line,
change
like
at
least
in
the
dashboard
in
the
app
file.
It
should
be
one
well.
B
B
A
B
Yeah
I
was
just
checking,
there's
no
there's
no
view
X
tied
in
this
component
either,
which
is
nice,
there's
a
few
components
that
have
a
lot
of
UX
in
you
know.
We
should
start
migrate
now.
Well,
yeah.
That
sounds
fairly
straight.
A
quick,
quick
thing
on
that
as
well.
You
probably
noticed
there's
a
lot
of
CSS
in
GIS
I
added
that
I
wasn't
supposed
to.
B
A
A
Oh
good,
good,
it's
it's
so
previously.
They,
it
was
like
generating
right
on
time.
Now
it's
a
background
job.
So
its
first
you
initiate
the.
But
when
you
click
you
initiate
the
export
and
then
you
whip
it
and
then
the
backend
prepares
it
and
then
returns
you
a
link
to
call
and
then
once
it's
ready,
you
download
it.
That's
cool,
that's
cool!
A
B
B
So
yeah
well
take
a
look
at
that.
Just
so
I'm
clear,
I'm
gonna
make
a
quick
list
of
what
I
need
to
do
and
I
will
say
out
loud
in
case
I
miss
an
event
so
split
out
the
dashboard
template
component.