Commit 44288553 authored by Vitaly Slobodin's avatar Vitaly Slobodin

Merge branch 'remove_dependency_for_vulnerability_check' into 'master'

Remove job dependency for Vulnerability-Check

See merge request gitlab-org/gitlab!64333
parents 41994327 76551c13
...@@ -209,7 +209,6 @@ request contains a denied license. For more details, see [Enabling license appro ...@@ -209,7 +209,6 @@ request contains a denied license. For more details, see [Enabling license appro
Prerequisites: Prerequisites:
- At least one [security scanner job](#security-scanning-tools) must be enabled.
- Maintainer or Owner [role](../permissions.md#project-members-permissions). - Maintainer or Owner [role](../permissions.md#project-members-permissions).
For this approval group, you must set the number of approvals required to greater than zero. For this approval group, you must set the number of approvals required to greater than zero.
......
<script> <script>
import { GlDeprecatedSkeletonLoading as GlSkeletonLoading } from '@gitlab/ui'; import { GlDeprecatedSkeletonLoading as GlSkeletonLoading } from '@gitlab/ui';
import { camelCase } from 'lodash';
import { mapState, mapActions } from 'vuex'; import { mapState, mapActions } from 'vuex';
import { LICENSE_CHECK_NAME, VULNERABILITY_CHECK_NAME, JOB_TYPES } from 'ee/approvals/constants'; import {
LICENSE_CHECK_NAME,
VULNERABILITY_CHECK_NAME,
LICENSE_SCANNING,
} from 'ee/approvals/constants';
import { s__ } from '~/locale'; import { s__ } from '~/locale';
import UnconfiguredSecurityRule from './unconfigured_security_rule.vue'; import UnconfiguredSecurityRule from './unconfigured_security_rule.vue';
...@@ -21,16 +24,6 @@ export default { ...@@ -21,16 +24,6 @@ export default {
default: '', default: '',
}, },
}, },
featureTypes: {
vulnerabilityCheck: [
JOB_TYPES.SAST,
JOB_TYPES.DAST,
JOB_TYPES.DEPENDENCY_SCANNING,
JOB_TYPES.SECRET_DETECTION,
JOB_TYPES.COVERAGE_FUZZING,
],
licenseCheck: [JOB_TYPES.LICENSE_SCANNING],
},
computed: { computed: {
...mapState('securityConfiguration', ['configuration']), ...mapState('securityConfiguration', ['configuration']),
...mapState({ ...mapState({
...@@ -90,11 +83,12 @@ export default { ...@@ -90,11 +83,12 @@ export default {
}, },
hasConfiguredJob(matchRule) { hasConfiguredJob(matchRule) {
const { features = [] } = this.configuration; const { features = [] } = this.configuration;
return this.$options.featureTypes[camelCase(matchRule.name)].some((featureType) => { return (
return features.some((feature) => { matchRule.name !== LICENSE_CHECK_NAME ||
return feature.type === featureType && feature.configured; features.some((feature) => {
}); return feature.type === LICENSE_SCANNING && feature.configured;
}); })
);
}, },
}, },
}; };
......
...@@ -20,14 +20,7 @@ export const RULE_NAME_ANY_APPROVER = 'All Members'; ...@@ -20,14 +20,7 @@ export const RULE_NAME_ANY_APPROVER = 'All Members';
export const VULNERABILITY_CHECK_NAME = 'Vulnerability-Check'; export const VULNERABILITY_CHECK_NAME = 'Vulnerability-Check';
export const LICENSE_CHECK_NAME = 'License-Check'; export const LICENSE_CHECK_NAME = 'License-Check';
export const JOB_TYPES = { export const LICENSE_SCANNING = 'license_scanning';
SAST: 'sast',
DAST: 'dast',
DEPENDENCY_SCANNING: 'dependency_scanning',
SECRET_DETECTION: 'secret_detection',
COVERAGE_FUZZING: 'coverage_fuzzing',
LICENSE_SCANNING: 'license_scanning',
};
export const APPROVAL_RULE_CONFIGS = { export const APPROVAL_RULE_CONFIGS = {
[VULNERABILITY_CHECK_NAME]: { [VULNERABILITY_CHECK_NAME]: {
......
...@@ -79,7 +79,7 @@ module EE ...@@ -79,7 +79,7 @@ module EE
'eligible_approvers_docs_path': help_page_path('user/project/merge_requests/approvals/rules', anchor: 'eligible-approvers'), 'eligible_approvers_docs_path': help_page_path('user/project/merge_requests/approvals/rules', anchor: 'eligible-approvers'),
'security_approvals_help_page_path': help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'), 'security_approvals_help_page_path': help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
'security_configuration_path': project_security_configuration_path(project), 'security_configuration_path': project_security_configuration_path(project),
'vulnerability_check_help_page_path': help_page_path('user/application_security/index', anchor: 'enabling-security-approvals-within-a-project'), 'vulnerability_check_help_page_path': help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
'license_check_help_page_path': help_page_path('user/application_security/index', anchor: 'enabling-license-approvals-within-a-project') 'license_check_help_page_path': help_page_path('user/application_security/index', anchor: 'enabling-license-approvals-within-a-project')
} }
} }
......
...@@ -56,6 +56,42 @@ describe('UnconfiguredSecurityRules component', () => { ...@@ -56,6 +56,42 @@ describe('UnconfiguredSecurityRules component', () => {
it('should render a unconfigured-security-rule component for every security rule ', () => { it('should render a unconfigured-security-rule component for every security rule ', () => {
expect(wrapper.findAll(UnconfiguredSecurityRule).length).toBe(2); expect(wrapper.findAll(UnconfiguredSecurityRule).length).toBe(2);
}); });
describe('when license_scanning is set to true', () => {
beforeEach(() => {
store.state.securityConfiguration.configuration = {
features: [{ type: 'license_scanning', configured: true }],
};
});
it('returns true', () => {
expect(wrapper.vm.hasConfiguredJob({ name: 'License-Check' })).toBe(true);
});
});
describe('when license_scanning is set to false', () => {
beforeEach(() => {
store.state.securityConfiguration.configuration = {
features: [{ type: 'license_scanning', configured: false }],
};
});
it('returns false', () => {
expect(wrapper.vm.hasConfiguredJob({ name: 'License-Check' })).toBe(false);
});
});
describe('when all other scanners are set to false', () => {
beforeEach(() => {
store.state.securityConfiguration.configuration = {
features: [{ type: 'container_scanning', configured: false }],
};
});
it('returns true', () => {
expect(wrapper.vm.hasConfiguredJob({ name: 'Vulnerability-Check' })).toBe(true);
});
});
}); });
describe.each` describe.each`
......
...@@ -378,7 +378,7 @@ RSpec.describe ProjectsHelper do ...@@ -378,7 +378,7 @@ RSpec.describe ProjectsHelper do
eligible_approvers_docs_path: help_page_path('user/project/merge_requests/approvals/rules', anchor: 'eligible-approvers'), eligible_approvers_docs_path: help_page_path('user/project/merge_requests/approvals/rules', anchor: 'eligible-approvers'),
security_approvals_help_page_path: help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'), security_approvals_help_page_path: help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
security_configuration_path: project_security_configuration_path(project), security_configuration_path: project_security_configuration_path(project),
vulnerability_check_help_page_path: help_page_path('user/application_security/index', anchor: 'enabling-security-approvals-within-a-project'), vulnerability_check_help_page_path: help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
license_check_help_page_path: help_page_path('user/application_security/index', anchor: 'enabling-license-approvals-within-a-project') license_check_help_page_path: help_page_path('user/application_security/index', anchor: 'enabling-license-approvals-within-a-project')
}) })
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment