Skip to content

G
gitlab-ce
Commit 3ae6078a authored by James Lopez's avatar James Lopez
Browse files
Options

Merge branch 'remove_old_feature_flags' into 'master' 

Remove some old feature flags from devops::secure

See merge request gitlab-org/gitlab-ee!14983
parents ee9131e1 173e127a
Hide whitespace changes
Inline Side-by-side
Showing with 24 additions and 100 deletions
ee/app/models/ee/ci/build.rb
View file @ 3ae6078a
......@@ -49,15 +49,6 @@ module EE
def collect_security_reports!(security_reports)
each_report(::Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES) do |file_type, blob|
next if file_type == "dependency_scanning" &&
::Feature.disabled?(:parse_dependency_scanning_reports, default_enabled: true)
next if file_type == "container_scanning" &&
::Feature.disabled?(:parse_container_scanning_reports, default_enabled: true)
next if file_type == "dast" &&
::Feature.disabled?(:parse_dast_reports, default_enabled: true)
security_reports.get_report(file_type).tap do |security_report|
next unless project.feature_available?(LICENSED_PARSER_FEATURES.fetch(file_type))
......
ee/app/models/ee/namespace.rb
View file @ 3ae6078a
......@@ -262,11 +262,10 @@ module EE
end
def store_security_reports_available?
::Feature.enabled?(:store_security_reports, self, default_enabled: true) && (
feature_available?(:sast) ||
feature_available?(:dependency_scanning) ||
feature_available?(:container_scanning) ||
feature_available?(:dast))
feature_available?(:sast) ||
feature_available?(:dependency_scanning) ||
feature_available?(:container_scanning) ||
feature_available?(:dast)
end
def free_plan?
......
ee/spec/models/ci/build_spec.rb
View file @ 3ae6078a
......@@ -159,48 +159,6 @@ describe Ci::Build do
end
end
context 'when Feature flag is disabled for Dependency Scanning reports parsing' do
before do
stub_feature_flags(parse_dependency_scanning_reports: false)
create(:ee_ci_job_artifact, :sast, job: job, project: job.project)
create(:ee_ci_job_artifact, :dependency_scanning, job: job, project: job.project)
end
it 'does NOT parse dependency scanning report' do
subject
expect(security_reports.reports.keys).to contain_exactly('sast')
end
end
context 'when Feature flag is disabled for Container Scanning reports parsing' do
before do
stub_feature_flags(parse_container_scanning_reports: false)
create(:ee_ci_job_artifact, :sast, job: job, project: job.project)
create(:ee_ci_job_artifact, :container_scanning, job: job, project: job.project)
end
it 'does NOT parse container scanning report' do
subject
expect(security_reports.reports.keys).to contain_exactly('sast')
end
end
context 'when Feature flag is disabled for DAST reports parsing' do
before do
stub_feature_flags(parse_dast_reports: false)
create(:ee_ci_job_artifact, :sast, job: job, project: job.project)
create(:ee_ci_job_artifact, :dast, job: job, project: job.project)
end
it 'does NOT parse dast report' do
subject
expect(security_reports.reports.keys).to contain_exactly('sast')
end
end
context 'when there is a corrupted sast report' do
before do
create(:ee_ci_job_artifact, :sast_with_corrupted_data, job: job, project: job.project)
......
ee/spec/models/namespace_spec.rb
View file @ 3ae6078a
......@@ -729,25 +729,15 @@ describe Namespace do
describe '#store_security_reports_available?' do
subject { namespace.store_security_reports_available? }
context 'when store_security_reports feature is enabled' do
before do
stub_feature_flags(store_security_reports: true)
stub_licensed_features(sast: true)
end
it 'returns true' do
expect(subject).to be_truthy
end
end
context 'when at least one security report feature is enabled' do
where(report_type: [:sast, :dast, :dependency_scanning, :container_scanning])
context 'when store_security_reports feature is disabled' do
before do
stub_feature_flags(store_security_reports: false)
stub_licensed_features(sast: true)
end
with_them do
before do
stub_licensed_features(report_type => true)
end
it 'returns false' do
expect(subject).to be_falsey
it { is_expected.to be true }
end
end
......@@ -756,9 +746,7 @@ describe Namespace do
stub_feature_flags(store_security_reports: true)
end
it 'returns false' do
expect(subject).to be_falsey
end
it { is_expected.to be false }
end
end
......
ee/spec/workers/store_security_reports_worker_spec.rb
View file @ 3ae6078a
......@@ -12,38 +12,26 @@ describe StoreSecurityReportsWorker do
allow(Ci::Pipeline).to receive(:find).with(pipeline.id) { pipeline }
end
context 'when all conditions are met' do
before do
stub_licensed_features(sast: true)
stub_feature_flags(store_security_reports: true)
end
it 'executes StoreReportsService for given pipeline' do
expect(Security::StoreReportsService).to receive(:new)
.with(pipeline).once.and_call_original
context 'when at least one security report feature is enabled' do
where(report_type: [:sast, :dast, :dependency_scanning, :container_scanning])
described_class.new.perform(pipeline.id)
end
end
context "when security reports feature is not available" do
let(:default_branch) { pipeline.ref }
with_them do
before do
stub_licensed_features(report_type => true)
end
it 'does not execute StoreReportsService' do
expect(Security::StoreReportsService).not_to receive(:new)
it 'executes StoreReportsService for given pipeline' do
expect(Security::StoreReportsService).to receive(:new)
.with(pipeline).once.and_call_original
described_class.new.perform(pipeline.id)
described_class.new.perform(pipeline.id)
end
end
end
context "when store security reports feature is not enabled" do
context "when security reports feature is not available" do
let(:default_branch) { pipeline.ref }
before do
stub_licensed_features(sast: true)
stub_feature_flags(store_security_reports: false)
end
it 'does not execute StoreReportsService' do
expect(Security::StoreReportsService).not_to receive(:new)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7