
🎨 Design: DAST on-demand: Select branch for on-demand scans

Release notes

Currently, users can only scan the default branch with on-demand scans. This can cause problems, because the code that the user has deployed and is scanning might be on a feature or staging branch. It also causes accessibility problems: default branches are protected by default, which does not allow users with developer permissions to scan the branch. By allowing users to pick the branch that the scan is associated with, we will let developers scan code that is deployed from feature or staging branches, without requiring that the default branch be unprotected or that developer permissions be elevated in order to conduct a successful on-demand DAST scan.

Problem to solve

As an on-demand DAST user, I would like to select the branch that my on-demand scans are associated with, so that I'm not constrained to only scanning the default branch.

Currently, users can only scan the default branch with on-demand scans. This can cause problems, because the code that the user has deployed and is scanning might be on a feature or staging branch. It also causes accessibility problems: default branches are protected by default, which does not allow users with developer permissions to scan the branch. To allow a wider range of users to use on-demand scans, we need to enable them to pick the branch that the scans are associated with.

Proposal

The user should be able to select the branch the scan is associated with when they select the profiles they want to run in the scan. The branch selection should not be a part of either profile, but part of the scan configuration itself. Once saved scans are implemented, this will allow users to save a scan with a branch, site profile, and scanner profile. The default branch will be selected as the default for this field.

Design

Default page (image: select-branch-default)
Select branch dropdown with search (image: select-branch-dropdown)
Manage scans, branch listed below scan name (image: manage-scans-with-branch)
Branch missing (image: manage-scans-missing-branch)
Insufficient permission to run on branch (image: Screen_Shot_2020-12-07_at_10.53.46_AM)

🎨 Figma file

📽 Video walkthrough

Documentation

The on-demand DAST scan documentation will need to be updated to reflect this ability to select the branch.

Edited by Annabel Dunstone Gray