Commit 41568c88 authored by Philip Cunningham's avatar Philip Cunningham Committed by Mark Florian

Remove dast_branch_selection feature flag [RUN ALL RSPEC] [RUN AS-IF-FOSS]

parent 0e881b2f
......@@ -1960,7 +1960,7 @@ Represents a DAST Profile.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `branch` | [`DastProfileBranch`](#dastprofilebranch) | The associated branch. Will always return `null` if `dast_branch_selection` feature flag is disabled. |
| `branch` | [`DastProfileBranch`](#dastprofilebranch) | The associated branch. |
| `dastScannerProfile` | [`DastScannerProfile`](#dastscannerprofile) | The associated scanner profile. |
| `dastSiteProfile` | [`DastSiteProfile`](#dastsiteprofile) | The associated site profile. |
| `description` | [`String`](#string) | The description of the scan. |
......
......@@ -820,6 +820,7 @@ Alternatively, you can use the CI/CD variable `SECURE_ANALYZERS_PREFIX` to overr
> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.3.
> - The saved scans feature was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/5100) in GitLab 13.9.
> - The option to select a branch was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/4847) in GitLab 13.10.
> - DAST branch selection [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/322672) in GitLab 13.11.
An on-demand DAST scan runs outside the DevOps life cycle. Changes in your repository don't trigger
the scan. You must start it manually.
......@@ -831,10 +832,7 @@ An on-demand DAST scan:
- Is associated with your project's default branch.
- Is saved on creation so it can be run later.
In GitLab 13.10 and later, you can select to run an on-demand scan against a specific branch. This
feature is [deployed behind a feature flag](../../feature_flags.md), enabled by default. It's
enabled on GitLab.com and recommended for production use. [GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
can opt to disable it with `Feature.disable(:dast_branch_selection)`.
In GitLab 13.10 and later, you can select to run an on-demand scan against a specific branch.
### On-demand scan modes
......
......@@ -263,13 +263,11 @@ export default {
fullPath: this.projectPath,
dastScannerProfileId: this.selectedScannerProfile.id,
dastSiteProfileId: this.selectedSiteProfile.id,
branchName: this.selectedBranch,
...(this.isEdit ? { id: this.dastScan.id } : {}),
...serializeFormObject(this.form.fields),
[this.isEdit ? 'runAfterUpdate' : 'runAfterCreate']: runAfter,
};
if (this.glFeatures.dastBranchSelection) {
input.branchName = this.selectedBranch;
}
this.$apollo
.mutate({
......@@ -429,7 +427,7 @@ export default {
/>
</gl-form-group>
<gl-form-group v-if="glFeatures.dastBranchSelection" :label="__('Branch')">
<gl-form-group :label="__('Branch')">
<ref-selector
v-model="selectedBranch"
data-testid="dast-scan-branch-input"
......
......@@ -107,11 +107,7 @@ export default {
>
<template #cell(name)="{ item: { name, branch, editPath } }">
{{ name }}
<dast-scan-branch
v-if="glFeatures.dastBranchSelection"
:branch="branch"
:edit-path="editPath"
/>
<dast-scan-branch :branch="branch" :edit-path="editPath" />
</template>
<!-- eslint-disable-next-line vue/valid-v-slot -->
......
......@@ -6,7 +6,6 @@ module Projects
before_action do
push_frontend_feature_flag(:security_dast_site_profiles_additional_fields, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_branch_selection, @project, default_enabled: :yaml)
end
before_action :authorize_read_on_demand_scans!, only: :index
......
......@@ -8,7 +8,6 @@ module Projects
before_action do
authorize_read_on_demand_scans!
push_frontend_feature_flag(:dast_failed_site_validations, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_branch_selection, @project, default_enabled: :yaml)
end
feature_category :dynamic_application_security_testing
......
......@@ -31,8 +31,7 @@ module Mutations
argument :branch_name, GraphQL::STRING_TYPE,
required: false,
description: 'The associated branch. Will be ignored ' \
'if `dast_branch_selection` feature flag is disabled.'
description: 'The associated branch.'
argument :dast_site_profile_id, ::Types::GlobalIDType[::DastSiteProfile],
required: true,
......@@ -68,7 +67,7 @@ module Mutations
project: project,
name: name,
description: description,
branch_name: feature_flagged_branch_name(project, branch_name),
branch_name: branch_name,
dast_site_profile: dast_site_profile,
dast_scanner_profile: dast_scanner_profile,
run_after_create: run_after_create
......@@ -85,12 +84,6 @@ module Mutations
def allowed?(project)
project.feature_available?(:security_on_demand_scans)
end
def feature_flagged_branch_name(project, branch_name)
return unless Feature.enabled?(:dast_branch_selection, project, default_enabled: :yaml)
branch_name
end
end
end
end
......
......@@ -41,8 +41,7 @@ module Mutations
argument :branch_name, GraphQL::STRING_TYPE,
required: false,
description: 'The associated branch. Will be ignored ' \
'if `dast_branch_selection` feature flag is disabled.'
description: 'The associated branch.'
argument :dast_site_profile_id, SiteProfileID,
required: false,
......@@ -70,7 +69,7 @@ module Mutations
dast_profile: dast_profile,
name: name,
description: description,
branch_name: feature_flagged_branch_name(project, branch_name) || dast_profile.branch_name,
branch_name: branch_name,
dast_site_profile_id: as_model_id(SiteProfileID, dast_site_profile_id),
dast_scanner_profile_id: as_model_id(ScannerProfileID, dast_scanner_profile_id),
run_after_update: run_after_update
......@@ -108,12 +107,6 @@ module Mutations
.execute
.first
end
def feature_flagged_branch_name(project, branch_name)
return unless Feature.enabled?(:dast_branch_selection, project, default_enabled: :yaml)
branch_name
end
end
end
end
......
......@@ -24,19 +24,12 @@ module Types
description: 'The associated scanner profile.'
field :branch, Dast::ProfileBranchType, null: true,
description: 'The associated branch. Will always return `null` ' \
'if `dast_branch_selection` feature flag is disabled.',
description: 'The associated branch.',
calls_gitaly: true
field :edit_path, GraphQL::STRING_TYPE, null: true,
description: 'Relative web path to the edit page of a profile.'
def branch
return unless Feature.enabled?(:dast_branch_selection, object.project, default_enabled: :yaml)
object.branch
end
def edit_path
Gitlab::Routing.url_helpers.edit_project_on_demand_scan_path(object.project, object)
end
......
---
title: Remove dast_branch_selection feature flag
merge_request: 59349
author:
type: other
---
name: dast_branch_selection
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55015
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/322672
milestone: '13.10'
type: development
group: group::dynamic analysis
default_enabled: true
......@@ -157,9 +157,6 @@ describe('OnDemandScansForm', () => {
siteProfilesLibraryPath,
newScannerProfilePath,
newSiteProfilePath,
glFeatures: {
dastBranchSelection: true,
},
},
stubs: {
GlFormInput: GlFormInputStub,
......@@ -662,99 +659,4 @@ describe('OnDemandScansForm', () => {
);
});
});
describe('dastBranchSelection feature flag disabled', () => {
describe.each`
action | actionFunction | runAfter
${'submit'} | ${submitForm} | ${true}
${'save'} | ${saveScan} | ${false}
`('on $action', ({ actionFunction, runAfter }) => {
describe('when creating a new scan', () => {
beforeEach(async () => {
createShallowComponent({
provide: {
glFeatures: {
dastBranchSelection: false,
},
},
});
wrapper.vm.$apollo.mutate.mockResolvedValue({
data: {
dastProfileCreate: {
dastProfile: { editPath },
pipelineUrl,
errors: [],
},
},
});
findNameInput().vm.$emit('input', 'My daily scan');
findScannerProfilesSelector().vm.$emit('input', passiveScannerProfile.id);
findSiteProfilesSelector().vm.$emit('input', nonValidatedSiteProfile.id);
await wrapper.vm.$nextTick();
actionFunction();
});
it(`triggers dastProfileCreateMutation mutation without the branch name and runAfterCreate set to ${runAfter}`, async () => {
expect(wrapper.vm.$apollo.mutate).toHaveBeenCalledWith({
mutation: dastProfileCreateMutation,
variables: {
input: {
name: 'My daily scan',
dastScannerProfileId: passiveScannerProfile.id,
dastSiteProfileId: nonValidatedSiteProfile.id,
fullPath: projectPath,
runAfterCreate: runAfter,
},
},
});
});
});
describe('when editing an existing scan', () => {
beforeEach(async () => {
createShallowComponent({
propsData: {
dastScan,
},
provide: {
glFeatures: {
dastBranchSelection: false,
},
},
});
wrapper.vm.$apollo.mutate.mockResolvedValue({
data: {
dastProfileUpdate: {
dastProfile: { editPath },
pipelineUrl,
errors: [],
},
},
});
findNameInput().vm.$emit('input', 'My daily scan');
findScannerProfilesSelector().vm.$emit('input', passiveScannerProfile.id);
findSiteProfilesSelector().vm.$emit('input', nonValidatedSiteProfile.id);
await wrapper.vm.$nextTick();
actionFunction();
});
it(`triggers dastProfileUpdateMutation mutation without the branch name and runAfterUpdate set to ${runAfter}`, async () => {
expect(wrapper.vm.$apollo.mutate).toHaveBeenCalledWith({
mutation: dastProfileUpdateMutation,
variables: {
input: {
id: 1,
name: 'My daily scan',
description: 'Tests for SQL injections',
dastScannerProfileId: passiveScannerProfile.id,
dastSiteProfileId: nonValidatedSiteProfile.id,
fullPath: projectPath,
runAfterUpdate: runAfter,
},
},
});
});
});
});
});
});
......@@ -39,11 +39,6 @@ describe('EE - DastSavedScansList', () => {
Component,
merge(
{
provide: {
glFeatures: {
dastBranchSelection: true,
},
},
propsData: defaultProps,
},
options,
......@@ -195,19 +190,4 @@ describe('EE - DastSavedScansList', () => {
expect(redirectTo).not.toHaveBeenCalled();
});
});
describe('dastBranchSelection feature flag disabled', () => {
it('does not render branch information', () => {
createFullComponent({
provide: {
glFeatures: {
dastBranchSelection: false,
},
},
propsData: { profiles: savedScans },
});
expect(wrapper.findAll(DastScanBranch)).toHaveLength(0);
});
});
});
......@@ -52,18 +52,8 @@ RSpec.describe Mutations::Dast::Profiles::Create do
end
context "when branch_name='orphaned_branch'" do
context 'when the feature flag dast_branch_selection is disabled' do
it 'does not set the branch_name' do
stub_feature_flags(dast_branch_selection: false)
expect(subject[:dast_profile].branch_name).to be_nil
end
end
context 'when the feature flag dast_branch_selection is enabled' do
it 'sets the branch_name' do
expect(subject[:dast_profile].branch_name).to eq(project.default_branch)
end
it 'sets the branch_name' do
expect(subject[:dast_profile].branch_name).to eq(project.default_branch)
end
end
end
......
......@@ -89,14 +89,6 @@ RSpec.describe Mutations::Dast::Profiles::Update do
end
end
context 'when the feature flag dast_branch_selection is disabled' do
it 'does not set the branch_name' do
stub_feature_flags(dast_branch_selection: false)
expect(subject[:dast_profile].branch_name).to eq(dast_profile.branch_name)
end
end
context 'when the dast_profile does not exist' do
let(:dast_profile_gid) { Gitlab::GlobalId.build(nil, model_name: 'Dast::Profile', id: 'does_not_exist') }
......
......@@ -21,20 +21,10 @@ RSpec.describe GitlabSchema.types['DastProfile'] do
it { expect(described_class).to have_graphql_field(:branch, calls_gitaly?: true) }
describe 'branch field' do
context 'when the feature flag is disabled' do
it 'resolves nil' do
stub_feature_flags(dast_branch_selection: false)
expect(resolve_field(:branch, object, current_user: user)).to eq(nil)
end
end
context 'when the feature flag is enabled' do
it 'correctly resolves the field' do
expected_result = Dast::Branch.new(object)
it 'correctly resolves the field' do
expected_result = Dast::Branch.new(object)
expect(resolve_field(:branch, object, current_user: user)).to eq(expected_result)
end
expect(resolve_field(:branch, object, current_user: user)).to eq(expected_result)
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment