Remove `store_security_findings` feature flag related code

The feature flag has already been active for a long time.

Remove `store_security_findings` feature flag related code
The feature flag has already been active for a long time.
632e353a · Mehmet Emin INAC · Markus Koller · f8b6dbab · 632e353a · 632e353a
Commit 632e353a authored Jan 05, 2021 by Mehmet Emin INAC Committed by Markus Koller Jan 05, 2021
6 changed files
--- a/ee/app/finders/security/findings_finder.rb
+++ b/ee/app/finders/security/findings_finder.rb
@@ -29,7 +29,7 @@ module Security
    end
    def execute
-      return unless can_use_security_findings?
+      return unless has_security_findings?
      ResultSet.new(security_findings, findings)
    end
@@ -39,10 +39,6 @@ module Security
    attr_reader :pipeline, :params
    delegate :project, :has_security_findings?, to: :pipeline, private: true
-    def can_use_security_findings?
-      Feature.enabled?(:store_security_findings, project) && has_security_findings?
-    end
    def findings
      security_findings.map(&method(:build_vulnerability_finding))
    end

--- a/ee/app/services/security/store_scan_service.rb
+++ b/ee/app/services/security/store_scan_service.rb
@@ -19,8 +19,6 @@ module Security
    end
    def execute
-      return security_scan unless Feature.enabled?(:store_security_findings, project)
      StoreFindingsMetadataService.execute(security_scan, security_report)
      deduplicate_findings? ? update_deduplicated_findings : register_finding_keys

--- a/ee/changelogs/unreleased/276011_remove_store_security_findings_feature_flag.yml
+++ b/ee/changelogs/unreleased/276011_remove_store_security_findings_feature_flag.yml
+---
+title: Remove `store_security_findings` feature flag
+merge_request: 48357
+author:
+type: changed
--- a/ee/config/feature_flags/development/store_security_findings.yml
+++ b/ee/config/feature_flags/development/store_security_findings.yml
---
-name: store_security_findings
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/44312
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/276011
-milestone: '13.6'
-type: development
-group: group::threat insights
-default_enabled: false
--- a/ee/spec/finders/security/findings_finder_spec.rb
+++ b/ee/spec/finders/security/findings_finder_spec.rb
--- a/ee/spec/services/security/store_scan_service_spec.rb
+++ b/ee/spec/services/security/store_scan_service_spec.rb
@@ -41,121 +41,89 @@ RSpec.describe Security::StoreScanService do
      known_keys.add(finding_key)
    end
-    context 'when the `store_security_findings` feature is not enabled' do
+    it 'calls the `Security::StoreFindingsMetadataService` to store findings' do
-      before do
+      store_scan
-        stub_feature_flags(store_security_findings: false)
-      end
-      it 'does not call the `Security::StoreFindingsMetadataService`' do
-        store_scan
-        expect(Security::StoreFindingsMetadataService).not_to have_received(:execute)
-      end
-      context 'when the security scan already exists for the artifact' do
-        let_it_be(:security_scan) { create(:security_scan, build: artifact.job, scan_type: :sast) }
-        it 'does not create a new security scan' do
+      expect(Security::StoreFindingsMetadataService).to have_received(:execute)
-          expect { store_scan }.not_to change { artifact.job.security_scans.count }
-        end
-      end
-      context 'when the security scan does not exist for the artifact' do
-        it 'creates a new security scan' do
-          expect { store_scan }.to change { artifact.job.security_scans.sast.count }.by(1)
-        end
-      end
    end
-    context 'when the `store_security_findings` feature is enabled' do
+    context 'when the security scan already exists for the artifact' do
-      before do
+      let_it_be(:security_scan) { create(:security_scan, build: artifact.job, scan_type: :sast) }
-        stub_feature_flags(store_security_findings: artifact.project)
+      let_it_be(:unique_security_finding) do
+        create(:security_finding,
+               scan: security_scan,
+               position: 0)
      end
-      it 'calls the `Security::StoreFindingsMetadataService` to store findings' do
+      let_it_be(:duplicated_security_finding) do
-        store_scan
+        create(:security_finding,
+               scan: security_scan,
-        expect(Security::StoreFindingsMetadataService).to have_received(:execute)
+               position: 5)
      end
-      context 'when the security scan already exists for the artifact' do
+      it 'does not create a new security scan' do
-        let_it_be(:security_scan) { create(:security_scan, build: artifact.job, scan_type: :sast) }
+        expect { store_scan }.not_to change { artifact.job.security_scans.count }
-        let_it_be(:unique_security_finding) do
+      end
-          create(:security_finding,
-                 scan: security_scan,
-                 position: 0)
-        end
-        let_it_be(:duplicated_security_finding) do
+      context 'when the `deduplicate` param is set as false' do
-          create(:security_finding,
+        it 'does not change the deduplicated flag of duplicated finding' do
-                 scan: security_scan,
+          expect { store_scan }.not_to change { duplicated_security_finding.reload.deduplicated }.from(false)
-                 position: 5)
        end
-        it 'does not create a new security scan' do
+        it 'does not change the deduplicated flag of unique finding' do
-          expect { store_scan }.not_to change { artifact.job.security_scans.count }
+          expect { store_scan }.not_to change { unique_security_finding.reload.deduplicated }.from(false)
        end
+      end
-        context 'when the `deduplicate` param is set as false' do
+      context 'when the `deduplicate` param is set as true' do
-          it 'does not change the deduplicated flag of duplicated finding' do
+        let(:deduplicate) { true }
-            expect { store_scan }.not_to change { duplicated_security_finding.reload.deduplicated }.from(false)
-          end
-          it 'does not change the deduplicated flag of unique finding' do
+        it 'does not change the deduplicated flag of duplicated finding false' do
-            expect { store_scan }.not_to change { unique_security_finding.reload.deduplicated }.from(false)
+          expect { store_scan }.not_to change { duplicated_security_finding.reload.deduplicated }.from(false)
-          end
        end
-        context 'when the `deduplicate` param is set as true' do
+        it 'sets the deduplicated flag of unique finding as true' do
-          let(:deduplicate) { true }
+          expect { store_scan }.to change { unique_security_finding.reload.deduplicated }.to(true)
+        end
+      end
+    end
-          it 'does not change the deduplicated flag of duplicated finding false' do
+    context 'when the security scan does not exist for the artifact' do
-            expect { store_scan }.not_to change { duplicated_security_finding.reload.deduplicated }.from(false)
+      let(:unique_finding_attribute) do
-          end
+        -> { Security::Finding.by_position(0).first&.deduplicated }
+      end
-          it 'sets the deduplicated flag of unique finding as true' do
+      let(:duplicated_finding_attribute) do
-            expect { store_scan }.to change { unique_security_finding.reload.deduplicated }.to(true)
+        -> { Security::Finding.by_position(5).first&.deduplicated }
-          end
-        end
      end
-      context 'when the security scan does not exist for the artifact' do
+      before do
-        let(:unique_finding_attribute) do
+        allow(Security::StoreFindingsMetadataService).to receive(:execute).and_call_original
-          -> { Security::Finding.by_position(0).first&.deduplicated }
+      end
-        end
-        let(:duplicated_finding_attribute) do
+      it 'creates a new security scan' do
-          -> { Security::Finding.by_position(5).first&.deduplicated }
+        expect { store_scan }.to change { artifact.job.security_scans.sast.count }.by(1)
-        end
+      end
-        before do
+      context 'when the `deduplicate` param is set as false' do
-          allow(Security::StoreFindingsMetadataService).to receive(:execute).and_call_original
+        it 'sets the deduplicated flag of duplicated finding as false' do
+          expect { store_scan }.to change { duplicated_finding_attribute.call }.to(false)
        end
-        it 'creates a new security scan' do
+        it 'sets the deduplicated flag of unique finding as true' do
-          expect { store_scan }.to change { artifact.job.security_scans.sast.count }.by(1)
+          expect { store_scan }.to change { unique_finding_attribute.call }.to(true)
        end
+      end
-        context 'when the `deduplicate` param is set as false' do
+      context 'when the `deduplicate` param is set as true' do
-          it 'sets the deduplicated flag of duplicated finding as false' do
+        let(:deduplicate) { true }
-            expect { store_scan }.to change { duplicated_finding_attribute.call }.to(false)
-          end
-          it 'sets the deduplicated flag of unique finding as true' do
+        it 'sets the deduplicated flag of duplicated finding false' do
-            expect { store_scan }.to change { unique_finding_attribute.call }.to(true)
+          expect { store_scan }.to change { duplicated_finding_attribute.call }.to(false)
-          end
        end
-        context 'when the `deduplicate` param is set as true' do
+        it 'sets the deduplicated flag of unique finding as true' do
-          let(:deduplicate) { true }
+          expect { store_scan }.to change { unique_finding_attribute.call }.to(true)
-          it 'sets the deduplicated flag of duplicated finding false' do
-            expect { store_scan }.to change { duplicated_finding_attribute.call }.to(false)
-          end
-          it 'sets the deduplicated flag of unique finding as true' do
-            expect { store_scan }.to change { unique_finding_attribute.call }.to(true)
-          end
        end
      end
    end