Merge branch 'default-on-demand-dast-scan-feature-to-true-235105' into 'master'

Enable on-demand DAST scan feature flag by default See merge request gitlab-org/gitlab!39411

Merge branch 'default-on-demand-dast-scan-feature-to-true-235105' into 'master'
Enable on-demand DAST scan feature flag by default See merge request gitlab-org/gitlab!39411
82d6547b · Ash McKenzie · bb7b2a0b · 50770766 · 82d6547b · 82d6547b
Commit 82d6547b authored Aug 17, 2020 by Ash McKenzie
10 changed files
--- a/ee/app/graphql/ee/types/project_type.rb
+++ b/ee/app/graphql/ee/types/project_type.rb
@@ -17,7 +17,7 @@ module EE
            null: true,
            description: 'The DAST scanner profiles associated with the project',
            resolve: -> (project, _args, _ctx) do
-              return DastScannerProfile.none unless ::Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+              return DastScannerProfile.none unless ::Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

              project.dast_scanner_profiles
            end

--- a/ee/app/graphql/mutations/dast_on_demand_scans/create.rb
+++ b/ee/app/graphql/mutations/dast_on_demand_scans/create.rb
@@ -25,7 +25,7 @@ module Mutations

      def resolve(full_path:, dast_site_profile_id:)
        project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

        dast_site_profile = find_dast_site_profile(project: project, dast_site_profile_id: dast_site_profile_id)
        dast_site = dast_site_profile.dast_site

--- a/ee/app/graphql/mutations/dast_scanner_profiles/create.rb
+++ b/ee/app/graphql/mutations/dast_scanner_profiles/create.rb
@@ -31,7 +31,7 @@ module Mutations

      def resolve(full_path:, profile_name:, spider_timeout: nil, target_timeout: nil)
        project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

        service = ::DastScannerProfiles::CreateService.new(project, current_user)
        result = service.execute(name: profile_name, spider_timeout: spider_timeout, target_timeout: target_timeout)

--- a/ee/app/graphql/mutations/dast_site_profiles/create.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/create.rb
@@ -27,7 +27,7 @@ module Mutations

      def resolve(full_path:, profile_name:, target_url: nil)
        project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

        service = ::DastSiteProfiles::CreateService.new(project, current_user)
        result = service.execute(name: profile_name, target_url: target_url)

--- a/ee/app/graphql/mutations/dast_site_profiles/delete.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/delete.rb
@@ -19,7 +19,7 @@ module Mutations

      def resolve(full_path:, id:)
        project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

        dast_site_profile = find_dast_site_profile(project: project, global_id: id)
        return { errors: dast_site_profile.errors.full_messages } unless dast_site_profile.destroy

--- a/ee/app/graphql/mutations/dast_site_profiles/update.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/update.rb
@@ -31,7 +31,7 @@ module Mutations

      def resolve(full_path:, **service_args)
        project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

        service = ::DastSiteProfiles::UpdateService.new(project, current_user)
        result = service.execute(service_args)

--- a/ee/app/graphql/mutations/pipelines/run_dast_scan.rb
+++ b/ee/app/graphql/mutations/pipelines/run_dast_scan.rb
@@ -31,7 +31,7 @@ module Mutations

      def resolve(project_path:, target_url:, branch:, scan_type:)
        project = authorized_find!(full_path: project_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)

        service = Ci::RunDastScanService.new(project, current_user)
        result = service.execute(branch: branch, target_url: target_url)

--- a/ee/app/policies/ee/project_policy.rb
+++ b/ee/app/policies/ee/project_policy.rb
@@ -137,7 +137,7 @@ module EE

      with_scope :subject
      condition(:on_demand_scans_enabled) do
-        ::Feature.enabled?(:security_on_demand_scans_feature_flag, project) &&
+        ::Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true) &&
        @subject.feature_available?(:security_on_demand_scans)
      end


--- a/ee/changelogs/unreleased/default-on-demand-dast-scan-feature-to-true-235105.yml
+++ b/ee/changelogs/unreleased/default-on-demand-dast-scan-feature-to-true-235105.yml
+---
+title: Enable on-demand DAST scan feature flag by default
+merge_request: 39411
+author:
+type: added
--- a/ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml
+++ b/ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml
+---
+name: security_on_demand_scans_feature_flag
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32994
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/237796
+group: group::dynamic analysis
+type: development
+default_enabled: true