Commit 31da8512 authored by Dheeraj Joshi's avatar Dheeraj Joshi

Remove dast_configuration_ui feature flag

This removes feature flag added for Configuring
DAST using UI and CI/CD pipeline

Changelog: other
EE: true
parent a404e803
...@@ -15,7 +15,6 @@ module EE ...@@ -15,7 +15,6 @@ module EE
before_action only: [:show] do before_action only: [:show] do
push_frontend_feature_flag(:security_auto_fix, project, default_enabled: false) push_frontend_feature_flag(:security_auto_fix, project, default_enabled: false)
push_frontend_feature_flag(:sec_dependency_scanning_ui_enable, project, default_enabled: :yaml) push_frontend_feature_flag(:sec_dependency_scanning_ui_enable, project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_configuration_ui, project, default_enabled: :yaml)
end end
before_action only: [:auto_fix] do before_action only: [:auto_fix] do
......
...@@ -11,7 +11,6 @@ module Projects ...@@ -11,7 +11,6 @@ module Projects
feature_category :dynamic_application_security_testing feature_category :dynamic_application_security_testing
def show def show
not_found unless Feature.enabled?(:dast_configuration_ui, @project, default_enabled: :yaml)
end end
end end
end end
......
...@@ -212,7 +212,6 @@ module EE ...@@ -212,7 +212,6 @@ module EE
def dast_configuration_variables def dast_configuration_variables
::Gitlab::Ci::Variables::Collection.new.tap do |collection| ::Gitlab::Ci::Variables::Collection.new.tap do |collection|
break collection unless ::Feature.enabled?(:dast_configuration_ui, project, default_enabled: :yaml)
break collection unless (dast_configuration = options[:dast_configuration]) break collection unless (dast_configuration = options[:dast_configuration])
if dast_configuration[:site_profile] && dast_site_profile if dast_configuration[:site_profile] && dast_site_profile
......
...@@ -91,7 +91,7 @@ module Projects ...@@ -91,7 +91,7 @@ module Projects
def configuration_path(type) def configuration_path(type)
{ {
sast: project_security_configuration_sast_path(project), sast: project_security_configuration_sast_path(project),
dast: ::Feature.enabled?(:dast_configuration_ui, project, default_enabled: :yaml) ? project_security_configuration_dast_path(project) : nil, dast: project_security_configuration_dast_path(project),
dast_profiles: project_security_configuration_dast_scans_path(project), dast_profiles: project_security_configuration_dast_scans_path(project),
api_fuzzing: project_security_configuration_api_fuzzing_path(project) api_fuzzing: project_security_configuration_api_fuzzing_path(project)
}[type] }[type]
......
...@@ -17,8 +17,7 @@ module AppSec ...@@ -17,8 +17,7 @@ module AppSec
private private
def allowed? def allowed?
can?(current_user, :create_on_demand_dast_scan, project) && can?(current_user, :create_on_demand_dast_scan, project)
::Feature.enabled?(:dast_configuration_ui, project, default_enabled: :yaml)
end end
def errors def errors
......
---
name: dast_configuration_ui
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62014
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/330728
milestone: '14.1'
type: development
group: group::dynamic analysis
default_enabled: true
...@@ -58,20 +58,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Seed::Build do ...@@ -58,20 +58,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Seed::Build do
it_behaves_like 'an insufficient permissions error' it_behaves_like 'an insufficient permissions error'
end end
context 'when the feature is not enabled' do context 'dast configuration' do
before do
stub_feature_flags(dast_configuration_ui: false)
end
it_behaves_like 'it does not change build attributes'
it_behaves_like 'an insufficient permissions error'
end
context 'when the feature is enabled' do
before do
stub_feature_flags(dast_configuration_ui: true)
end
shared_examples 'it looks up dast profiles in the database' do |dast_profile_name_key| shared_examples 'it looks up dast profiles in the database' do |dast_profile_name_key|
let(:profile_name) { public_send(dast_profile_name_key) } let(:profile_name) { public_send(dast_profile_name_key) }
......
...@@ -195,16 +195,6 @@ RSpec.describe Ci::Build do ...@@ -195,16 +195,6 @@ RSpec.describe Ci::Build do
end end
end end
end end
context 'when feature is disabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
end
it_behaves_like 'it excludes variables' do
let(:expected_variables) { dast_site_profile.ci_variables.concat(dast_site_profile.secret_ci_variables(user)) }
end
end
end end
context 'when there is a dast_scanner_profile associated with the job' do context 'when there is a dast_scanner_profile associated with the job' do
...@@ -216,16 +206,6 @@ RSpec.describe Ci::Build do ...@@ -216,16 +206,6 @@ RSpec.describe Ci::Build do
let(:expected_variables) { dast_scanner_profile.ci_variables } let(:expected_variables) { dast_scanner_profile.ci_variables }
end end
end end
context 'when feature is disabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
end
it_behaves_like 'it excludes variables' do
let(:expected_variables) { dast_scanner_profile.ci_variables }
end
end
end end
context 'when there are profiles associated with the job' do context 'when there are profiles associated with the job' do
......
...@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastConfigurationController, type: :request d ...@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastConfigurationController, type: :request d
describe 'GET #show' do describe 'GET #show' do
before do before do
stub_licensed_features(security_dashboard: true) stub_licensed_features(security_dashboard: true)
stub_feature_flags(dast_configuration_ui: true)
login_as(user) login_as(user)
end end
...@@ -60,19 +59,6 @@ RSpec.describe Projects::Security::DastConfigurationController, type: :request d ...@@ -60,19 +59,6 @@ RSpec.describe Projects::Security::DastConfigurationController, type: :request d
expect(response).to have_gitlab_http_status(:not_found) expect(response).to have_gitlab_http_status(:not_found)
end end
end end
context 'feature flag is disabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
project.add_developer(user)
end
it 'sees a 404 error' do
get project_security_configuration_dast_path(project)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end end
end end
end end
...@@ -74,60 +74,44 @@ RSpec.describe Ci::CreatePipelineService do ...@@ -74,60 +74,44 @@ RSpec.describe Ci::CreatePipelineService do
allow(project).to receive(:licensed_features).and_return(project_features << :dast) allow(project).to receive(:licensed_features).and_return(project_features << :dast)
end end
context 'when the feature is not enabled' do context 'when the stage is dast' do
before do it 'persists dast_configuration in build options' do
stub_feature_flags(dast_configuration_ui: false) expect(dast_build.options).to include(dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name })
end end
it 'communicates failure' do it 'expands the dast variables' do
expect(subject.yaml_errors).to eq('Insufficient permissions for dast_configuration keyword') expect(dast_variables).to include(*dast_variables)
end end
end
context 'when the feature is enabled' do
before do
stub_feature_flags(dast_configuration_ui: true)
end
context 'when the stage is dast' do
it 'persists dast_configuration in build options' do
expect(dast_build.options).to include(dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name })
end
it 'expands the dast variables' do
expect(dast_variables).to include(*dast_variables)
end
context 'when the user has permission' do context 'when the user has permission' do
it 'expands the secret dast variables' do it 'expands the secret dast variables' do
expect(dast_variables).to include(*dast_secret_variables) expect(dast_variables).to include(*dast_secret_variables)
end
end end
end
shared_examples 'a missing profile' do shared_examples 'a missing profile' do
it 'communicates failure' do it 'communicates failure' do
expect(subject.yaml_errors).to eq("DAST profile not found: #{profile.name}") expect(subject.yaml_errors).to eq("DAST profile not found: #{profile.name}")
end
end end
end
context 'when the site profile does not exist' do context 'when the site profile does not exist' do
let(:dast_site_profile) { double(DastSiteProfile, name: SecureRandom.hex) } let(:dast_site_profile) { double(DastSiteProfile, name: SecureRandom.hex) }
let(:profile) { dast_site_profile } let(:profile) { dast_site_profile }
it_behaves_like 'a missing profile' it_behaves_like 'a missing profile'
end end
context 'when the scanner profile does not exist' do context 'when the scanner profile does not exist' do
let(:dast_scanner_profile) { double(DastScannerProfile, name: SecureRandom.hex) } let(:dast_scanner_profile) { double(DastScannerProfile, name: SecureRandom.hex) }
let(:profile) { dast_scanner_profile } let(:profile) { dast_scanner_profile }
it_behaves_like 'a missing profile' it_behaves_like 'a missing profile'
end
end end
end
context 'when the stage is not dast' do context 'when the stage is not dast' do
it_behaves_like 'it does not expand the dast variables' it_behaves_like 'it does not expand the dast variables'
end
end end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment