diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-20 18:42:06 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-20 18:42:06 +0000 |
commit | 6e4e1050d9dba2b7b2523fdd1768823ab85feef4 (patch) | |
tree | 78be5963ec075d80116a932011d695dd33910b4e /doc/user/application_security/configuration/index.md | |
parent | 1ce776de4ae122aba3f349c02c17cebeaa8ecf07 (diff) | |
download | gitlab-ce-6e4e1050d9dba2b7b2523fdd1768823ab85feef4.tar.gz |
Add latest changes from gitlab-org/gitlab@13-3-stable-ee
Diffstat (limited to 'doc/user/application_security/configuration/index.md')
-rw-r--r-- | doc/user/application_security/configuration/index.md | 29 |
1 files changed, 11 insertions, 18 deletions
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md index 229a8572206..1195d07d7b7 100644 --- a/doc/user/application_security/configuration/index.md +++ b/doc/user/application_security/configuration/index.md @@ -9,28 +9,21 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. -## Overview +The Security Configuration page displays the configuration state of each security feature in the +current project. The page uses the project's latest default branch [CI pipeline](../../../ci/pipelines/index.md) +to determine each feature's configuration state. If a job with the expected security report artifact +exists in the pipeline, the feature is considered enabled. -The security configuration page displays the configuration state of each of the security -features and can be accessed through a project's sidebar nav. - -![Screenshot of security configuration page](../img/security_configuration_page_v13_2.png) - -The page uses the project's latest default branch [CI pipeline](../../../ci/pipelines/index.md) to determine the configuration -state of each feature. If a job with the expected security report artifact exists in the pipeline, -the feature is considered configured. +You can only enable SAST from the Security Configuration page. Documentation links are included for +the other features. For details about configuring SAST, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui). NOTE: **Note:** If the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md), -all security features will be configured by default. +all security features are configured by default. -## Limitations +## View Security Configuration -It is not yet possible to enable or disable most features using the -configuration page. However, instructions on how to enable or disable a feature -can be found through the links next to each feature on that page. +To view a project's security configuration: -If a project does not have an existing CI configuration, then the SAST feature -can be enabled by clicking on the "Enable with Merge Request" button under the -"Manage" column. Future work will expand this to editing _existing_ CI -configurations, and to other security features. +1. Go to the project's home page. +1. In the left sidebar, go to **Security & Configuration** > **Configuration**. |