Support for Compliance Pipeline configuration location

Allows pipeline configuration location to be set while
creating or updating compliance frameworks.

changelogs/unreleased/compliance_pipeline_configuration.yml

+---
+title: Database migration for compliance pipeline configuration location
+merge_request: 51663
+author:
+type: added

db/migrate/20210113224909_add_pipeline_configuration_full_path_to_compliance_pipeline.rb

+# frozen_string_literal: true
+
+class AddPipelineConfigurationFullPathToCompliancePipeline < ActiveRecord::Migration[6.0]
+  DOWNTIME = false
+
+  # rubocop:disable Migration/AddLimitToTextColumns
+  # limit is added in 20210119162812_add_text_limit_to_compliance_pipeline_configuration_full_path.rb
+  def up
+    add_column :compliance_management_frameworks, :pipeline_configuration_full_path, :text
+  end
+  # rubocop:enable Migration/AddLimitToTextColumns
+
+  def down
+    remove_column :compliance_management_frameworks, :pipeline_configuration_full_path
+  end
+end

db/migrate/20210119162812_add_text_limit_to_compliance_pipeline_configuration_full_path.rb

+# frozen_string_literal: true
+
+class AddTextLimitToCompliancePipelineConfigurationFullPath < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_text_limit :compliance_management_frameworks, :pipeline_configuration_full_path, 255
+  end
+
+  def down
+    remove_text_limit :compliance_management_frameworks, :pipeline_configuration_full_path
+  end
+end

db/schema_migrations/20210113224909

+e6841491cd7d2cc015fd628f5c14270720d59cbb17b7efb160937963f074f5c2
\ No newline at end of file

db/schema_migrations/20210119162812

+cd7643fc762d8b9236ef5ac7cc285ffbd29f1953178b9b6e129082efd7b9e07b
\ No newline at end of file

db/structure.sql

@@ -11457,9 +11457,11 @@ CREATE TABLE compliance_management_frameworks (
     color text NOT NULL,
     namespace_id integer NOT NULL,
     regulated boolean DEFAULT true NOT NULL,
+    pipeline_configuration_full_path text,
     CONSTRAINT check_08cd34b2c2 CHECK ((char_length(color) <= 10)),
     CONSTRAINT check_1617e0b87e CHECK ((char_length(description) <= 255)),
-    CONSTRAINT check_ab00bc2193 CHECK ((char_length(name) <= 255))
+    CONSTRAINT check_ab00bc2193 CHECK ((char_length(name) <= 255)),
+    CONSTRAINT check_e7a9972435 CHECK ((char_length(pipeline_configuration_full_path) <= 255))
 );
 
 CREATE SEQUENCE compliance_management_frameworks_id_seq

doc/api/graphql/reference/gitlab_schema.graphql

@@ -3808,6 +3808,12 @@ type ComplianceFramework {
   Name of the compliance framework
   """
   name: String!
+
+  """
+  Full path of the compliance pipeline configuration stored in a project
+  repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`.
+  """
+  pipelineConfigurationFullPath: String
 }
 
 """
@@ -3860,6 +3866,12 @@ input ComplianceFrameworkInput {
   New name for the compliance framework.
   """
   name: String
+
+  """
+  Full path of the compliance pipeline configuration stored in a project
+  repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`.
+  """
+  pipelineConfigurationFullPath: String
 }
 
 """

doc/api/graphql/reference/gitlab_schema.json

@@ -10370,6 +10370,20 @@
               },
               "isDeprecated": false,
               "deprecationReason": null
+            },
+            {
+              "name": "pipelineConfigurationFullPath",
+              "description": "Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`.",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
             }
           ],
           "inputFields": null,
@@ -10526,6 +10540,16 @@
                 "ofType": null
               },
               "defaultValue": null
+            },
+            {
+              "name": "pipelineConfigurationFullPath",
+              "description": "Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`.",
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "defaultValue": null
             }
           ],
           "interfaces": null,

doc/api/graphql/reference/index.md

@@ -591,6 +591,7 @@ Represents a ComplianceFramework associated with a Project.
 | `description` | String! | Description of the compliance framework |
 | `id` | ID! | Compliance framework ID |
 | `name` | String! | Name of the compliance framework |
+| `pipelineConfigurationFullPath` | String | Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`. |
 
 ### ConfigureSastPayload
 

ee/app/graphql/types/compliance_management/compliance_framework_input_type.rb

@@ -20,6 +20,11 @@ module Types
                GraphQL::STRING_TYPE,
                required: false,
                description: 'New color representation of the compliance framework in hex format. e.g. #FCA121.'
+
+      argument :pipeline_configuration_full_path,
+               GraphQL::STRING_TYPE,
+               required: false,
+               description: 'Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`.'
     end
   end
 end

ee/app/graphql/types/compliance_management/compliance_framework_type.rb

@@ -22,6 +22,10 @@ module Types
       field :color, GraphQL::STRING_TYPE,
             null: false,
             description: 'Hexadecimal representation of compliance framework\'s label color'
+
+      field :pipeline_configuration_full_path, GraphQL::STRING_TYPE,
+            null: true,
+            description: 'Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/compliance/soc2/.gitlab-ci.yml`.'
     end
   end
 end

ee/app/models/compliance_management/framework.rb

@@ -68,6 +68,7 @@ module ComplianceManagement
     validates :color, color: true, allow_blank: false, length: { maximum: 10 }
     validates :regulated, presence: true
     validates :namespace_id, uniqueness: { scope: :name }
+    validates :pipeline_configuration_full_path, length: { maximum: 255 }
 
     scope :with_projects, ->(project_ids) { includes(:projects).where(projects: { id: project_ids }) }
     scope :with_namespaces, ->(namespace_ids) { includes(:namespace).where(namespaces: { id: namespace_ids })}

ee/app/services/compliance_management/frameworks/create_service.rb

@@ -17,7 +17,8 @@ module ComplianceManagement
           namespace: namespace,
           name: params[:name],
           description: params[:description],
-          color: params[:color]
+          color: params[:color],
+          pipeline_configuration_full_path: params[:pipeline_configuration_full_path]
         )
 
         return ServiceResponse.error(message: 'Not permitted to create framework') unless permitted?

ee/spec/graphql/ee/types/compliance_management/compliance_framework_type_spec.rb

@@ -10,6 +10,7 @@ RSpec.describe GitlabSchema.types['ComplianceFramework'] do
     name
     description
     color
+    pipeline_configuration_full_path
   ]
 
   it 'has the correct fields' do

ee/spec/graphql/mutations/compliance_management/frameworks/create_spec.rb

@@ -106,7 +106,8 @@ RSpec.describe Mutations::ComplianceManagement::Frameworks::Create do
       params: {
         name: 'GDPR',
         description: 'Example description',
-        color: '#abc123'
+        color: '#abc123',
+        pipeline_configuration_full_path: 'compliance/.gitlab-ci.yml'
       }
     }
   end

ee/spec/models/compliance_management/framework_spec.rb

@@ -14,6 +14,7 @@ RSpec.describe ComplianceManagement::Framework do
     it { is_expected.to validate_length_of(:description).is_at_most(255) }
     it { is_expected.to validate_length_of(:color).is_at_most(10) }
     it { is_expected.to validate_presence_of(:regulated) }
+    it { is_expected.to validate_length_of(:pipeline_configuration_full_path).is_at_most(255) }
   end
 
   describe 'color' do

ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/create_spec.rb

@@ -15,7 +15,8 @@ RSpec.describe 'Create a Compliance Framework' do
       params: {
         name: 'GDPR',
         description: 'Example Description',
-        color: '#ABC123'
+        color: '#ABC123',
+        pipeline_configuration_full_path: 'compliance/.gitlab-ci.yml'
       }
     )
   end
@@ -31,12 +32,13 @@ RSpec.describe 'Create a Compliance Framework' do
       expect { subject }.to change { namespace.compliance_management_frameworks.count }.by 1
     end
 
-    it 'returns the newly created framework' do
+    it 'returns the newly created framework', :aggregate_failures do
       subject
 
       expect(mutation_response['framework']['color']).to eq '#ABC123'
       expect(mutation_response['framework']['name']).to eq 'GDPR'
       expect(mutation_response['framework']['description']).to eq 'Example Description'
+      expect(mutation_response['framework']['pipelineConfigurationFullPath']).to eq 'compliance/.gitlab-ci.yml'
     end
   end
 

ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/update_spec.rb

@@ -13,7 +13,8 @@ RSpec.describe 'Update a compliance framework' do
       params: {
         name: 'New Name',
         description: 'New Description',
-        color: '#AAC112'
+        color: '#AAC112',
+        pipeline_configuration_full_path: 'compliance/.gitlab-ci.yml'
       }
     }
   end
@@ -55,12 +56,13 @@ RSpec.describe 'Update a compliance framework' do
         expect(mutation_response['errors']).to be_empty
       end
 
-      it 'returns the updated framework' do
+      it 'returns the updated framework', :aggregate_failures do
         subject
 
         expect(mutation_response['complianceFramework']['name']).to eq 'New Name'
         expect(mutation_response['complianceFramework']['description']).to eq 'New Description'
         expect(mutation_response['complianceFramework']['color']).to eq '#AAC112'
+        expect(mutation_response['complianceFramework']['pipelineConfigurationFullPath']).to eq 'compliance/.gitlab-ci.yml'
       end
 
       context 'current_user is not permitted to update framework' do

ee/spec/services/compliance_management/frameworks/create_service_spec.rb

@@ -8,7 +8,8 @@ RSpec.describe ComplianceManagement::Frameworks::CreateService do
     {
       name: 'GDPR',
       description: 'The EUs data protection directive',
-      color: '#abc123'
+      color: '#abc123',
+      pipeline_configuration_full_path: 'compliance/.gitlab-ci.yml'
     }
   end
 
@@ -88,6 +89,7 @@ RSpec.describe ComplianceManagement::Frameworks::CreateService do
         expect(framework.name).to eq('GDPR')
         expect(framework.description).to eq('The EUs data protection directive')
         expect(framework.color).to eq('#abc123')
+        expect(framework.pipeline_configuration_full_path).to eq('compliance/.gitlab-ci.yml')
       end
     end
   end