Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
50770766
Commit
50770766
authored
Aug 17, 2020
by
Philip Cunningham
Committed by
Ash McKenzie
Aug 17, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Enable on-demand DAST scan feature flag by default
Enables security_on_demand_scans_feature_flag by default.
parent
bb7b2a0b
Changes
10
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
20 additions
and
8 deletions
+20
-8
ee/app/graphql/ee/types/project_type.rb
ee/app/graphql/ee/types/project_type.rb
+1
-1
ee/app/graphql/mutations/dast_on_demand_scans/create.rb
ee/app/graphql/mutations/dast_on_demand_scans/create.rb
+1
-1
ee/app/graphql/mutations/dast_scanner_profiles/create.rb
ee/app/graphql/mutations/dast_scanner_profiles/create.rb
+1
-1
ee/app/graphql/mutations/dast_site_profiles/create.rb
ee/app/graphql/mutations/dast_site_profiles/create.rb
+1
-1
ee/app/graphql/mutations/dast_site_profiles/delete.rb
ee/app/graphql/mutations/dast_site_profiles/delete.rb
+1
-1
ee/app/graphql/mutations/dast_site_profiles/update.rb
ee/app/graphql/mutations/dast_site_profiles/update.rb
+1
-1
ee/app/graphql/mutations/pipelines/run_dast_scan.rb
ee/app/graphql/mutations/pipelines/run_dast_scan.rb
+1
-1
ee/app/policies/ee/project_policy.rb
ee/app/policies/ee/project_policy.rb
+1
-1
ee/changelogs/unreleased/default-on-demand-dast-scan-feature-to-true-235105.yml
...ed/default-on-demand-dast-scan-feature-to-true-235105.yml
+5
-0
ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml
...ags/development/security_on_demand_scans_feature_flag.yml
+7
-0
No files found.
ee/app/graphql/ee/types/project_type.rb
View file @
50770766
...
@@ -17,7 +17,7 @@ module EE
...
@@ -17,7 +17,7 @@ module EE
null:
true
,
null:
true
,
description:
'The DAST scanner profiles associated with the project'
,
description:
'The DAST scanner profiles associated with the project'
,
resolve:
->
(
project
,
_args
,
_ctx
)
do
resolve:
->
(
project
,
_args
,
_ctx
)
do
return
DastScannerProfile
.
none
unless
::
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
return
DastScannerProfile
.
none
unless
::
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
project
.
dast_scanner_profiles
project
.
dast_scanner_profiles
end
end
...
...
ee/app/graphql/mutations/dast_on_demand_scans/create.rb
View file @
50770766
...
@@ -25,7 +25,7 @@ module Mutations
...
@@ -25,7 +25,7 @@ module Mutations
def
resolve
(
full_path
:,
dast_site_profile_id
:)
def
resolve
(
full_path
:,
dast_site_profile_id
:)
project
=
authorized_find!
(
full_path:
full_path
)
project
=
authorized_find!
(
full_path:
full_path
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
dast_site_profile
=
find_dast_site_profile
(
project:
project
,
dast_site_profile_id:
dast_site_profile_id
)
dast_site_profile
=
find_dast_site_profile
(
project:
project
,
dast_site_profile_id:
dast_site_profile_id
)
dast_site
=
dast_site_profile
.
dast_site
dast_site
=
dast_site_profile
.
dast_site
...
...
ee/app/graphql/mutations/dast_scanner_profiles/create.rb
View file @
50770766
...
@@ -31,7 +31,7 @@ module Mutations
...
@@ -31,7 +31,7 @@ module Mutations
def
resolve
(
full_path
:,
profile_name
:,
spider_timeout:
nil
,
target_timeout:
nil
)
def
resolve
(
full_path
:,
profile_name
:,
spider_timeout:
nil
,
target_timeout:
nil
)
project
=
authorized_find!
(
full_path:
full_path
)
project
=
authorized_find!
(
full_path:
full_path
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
service
=
::
DastScannerProfiles
::
CreateService
.
new
(
project
,
current_user
)
service
=
::
DastScannerProfiles
::
CreateService
.
new
(
project
,
current_user
)
result
=
service
.
execute
(
name:
profile_name
,
spider_timeout:
spider_timeout
,
target_timeout:
target_timeout
)
result
=
service
.
execute
(
name:
profile_name
,
spider_timeout:
spider_timeout
,
target_timeout:
target_timeout
)
...
...
ee/app/graphql/mutations/dast_site_profiles/create.rb
View file @
50770766
...
@@ -27,7 +27,7 @@ module Mutations
...
@@ -27,7 +27,7 @@ module Mutations
def
resolve
(
full_path
:,
profile_name
:,
target_url:
nil
)
def
resolve
(
full_path
:,
profile_name
:,
target_url:
nil
)
project
=
authorized_find!
(
full_path:
full_path
)
project
=
authorized_find!
(
full_path:
full_path
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
service
=
::
DastSiteProfiles
::
CreateService
.
new
(
project
,
current_user
)
service
=
::
DastSiteProfiles
::
CreateService
.
new
(
project
,
current_user
)
result
=
service
.
execute
(
name:
profile_name
,
target_url:
target_url
)
result
=
service
.
execute
(
name:
profile_name
,
target_url:
target_url
)
...
...
ee/app/graphql/mutations/dast_site_profiles/delete.rb
View file @
50770766
...
@@ -19,7 +19,7 @@ module Mutations
...
@@ -19,7 +19,7 @@ module Mutations
def
resolve
(
full_path
:,
id
:)
def
resolve
(
full_path
:,
id
:)
project
=
authorized_find!
(
full_path:
full_path
)
project
=
authorized_find!
(
full_path:
full_path
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
dast_site_profile
=
find_dast_site_profile
(
project:
project
,
global_id:
id
)
dast_site_profile
=
find_dast_site_profile
(
project:
project
,
global_id:
id
)
return
{
errors:
dast_site_profile
.
errors
.
full_messages
}
unless
dast_site_profile
.
destroy
return
{
errors:
dast_site_profile
.
errors
.
full_messages
}
unless
dast_site_profile
.
destroy
...
...
ee/app/graphql/mutations/dast_site_profiles/update.rb
View file @
50770766
...
@@ -31,7 +31,7 @@ module Mutations
...
@@ -31,7 +31,7 @@ module Mutations
def
resolve
(
full_path
:,
**
service_args
)
def
resolve
(
full_path
:,
**
service_args
)
project
=
authorized_find!
(
full_path:
full_path
)
project
=
authorized_find!
(
full_path:
full_path
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
service
=
::
DastSiteProfiles
::
UpdateService
.
new
(
project
,
current_user
)
service
=
::
DastSiteProfiles
::
UpdateService
.
new
(
project
,
current_user
)
result
=
service
.
execute
(
service_args
)
result
=
service
.
execute
(
service_args
)
...
...
ee/app/graphql/mutations/pipelines/run_dast_scan.rb
View file @
50770766
...
@@ -31,7 +31,7 @@ module Mutations
...
@@ -31,7 +31,7 @@ module Mutations
def
resolve
(
project_path
:,
target_url
:,
branch
:,
scan_type
:)
def
resolve
(
project_path
:,
target_url
:,
branch
:,
scan_type
:)
project
=
authorized_find!
(
full_path:
project_path
)
project
=
authorized_find!
(
full_path:
project_path
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
raise_resource_not_available_error!
unless
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
service
=
Ci
::
RunDastScanService
.
new
(
project
,
current_user
)
service
=
Ci
::
RunDastScanService
.
new
(
project
,
current_user
)
result
=
service
.
execute
(
branch:
branch
,
target_url:
target_url
)
result
=
service
.
execute
(
branch:
branch
,
target_url:
target_url
)
...
...
ee/app/policies/ee/project_policy.rb
View file @
50770766
...
@@ -137,7 +137,7 @@ module EE
...
@@ -137,7 +137,7 @@ module EE
with_scope
:subject
with_scope
:subject
condition
(
:on_demand_scans_enabled
)
do
condition
(
:on_demand_scans_enabled
)
do
::
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
)
&&
::
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
&&
@subject
.
feature_available?
(
:security_on_demand_scans
)
@subject
.
feature_available?
(
:security_on_demand_scans
)
end
end
...
...
ee/changelogs/unreleased/default-on-demand-dast-scan-feature-to-true-235105.yml
0 → 100644
View file @
50770766
---
title
:
Enable on-demand DAST scan feature flag by default
merge_request
:
39411
author
:
type
:
added
ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml
0 → 100644
View file @
50770766
---
name
:
security_on_demand_scans_feature_flag
introduced_by_url
:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32994
rollout_issue_url
:
https://gitlab.com/gitlab-org/gitlab/-/issues/237796
group
:
group::dynamic analysis
type
:
development
default_enabled
:
true
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment