Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
8cdef86d
Commit
8cdef86d
authored
Aug 12, 2021
by
Max Woolf
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Remove ff_evaluate_group_level_compliance_pipeline feature flag
parent
36495806
Changes
10
Show whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
18 additions
and
72 deletions
+18
-72
doc/user/project/settings/index.md
doc/user/project/settings/index.md
+2
-7
ee/app/policies/compliance_management/framework_policy.rb
ee/app/policies/compliance_management/framework_policy.rb
+1
-2
ee/app/policies/ee/group_policy.rb
ee/app/policies/ee/group_policy.rb
+1
-2
ee/config/feature_flags/development/ff_evaluate_group_level_compliance_pipeline.yml
...velopment/ff_evaluate_group_level_compliance_pipeline.yml
+0
-8
ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
+1
-2
ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
+4
-17
ee/spec/policies/group_policy_spec.rb
ee/spec/policies/group_policy_spec.rb
+9
-12
ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/create_spec.rb
...mutations/compliance_management/frameworks/create_spec.rb
+0
-8
ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/update_spec.rb
...mutations/compliance_management/frameworks/update_spec.rb
+0
-13
ee/spec/services/ci/create_pipeline_service/compliance_spec.rb
...ec/services/ci/create_pipeline_service/compliance_spec.rb
+0
-1
No files found.
doc/user/project/settings/index.md
View file @
8cdef86d
...
...
@@ -60,14 +60,9 @@ read-only view to discourage this behavior.
#### Compliance pipeline configuration **(ULTIMATE)**
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3156) in GitLab 13.9.
> - [Deployed behind a feature flag](../../feature_flags.md).
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3156) in GitLab 13.9, disabled behind `ff_evaluate_group_level_compliance_pipeline` [feature flag](../../../administration/feature_flags.md).
> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/300324) in GitLab 13.11.
> - Enabled on GitLab.com.
> - Recommended for production use.
WARNING:
This feature might not be available to you. Check the
**version history**
note above for details.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/331231) in GitLab 14.2.
Group owners can use the compliance pipeline configuration to define compliance requirements
such as scans or tests, and enforce them in individual projects.
...
...
ee/app/policies/compliance_management/framework_policy.rb
View file @
8cdef86d
...
...
@@ -9,8 +9,7 @@ module ComplianceManagement
end
condition
(
:group_level_compliance_pipeline_enabled
)
do
@subject
.
namespace
.
feature_available?
(
:evaluate_group_level_compliance_pipeline
)
&&
Feature
.
enabled?
(
:ff_evaluate_group_level_compliance_pipeline
,
@subject
.
namespace
,
default_enabled: :yaml
)
@subject
.
namespace
.
feature_available?
(
:evaluate_group_level_compliance_pipeline
)
end
rule
{
can?
(
:owner_access
)
&
custom_compliance_frameworks_enabled
}.
policy
do
...
...
ee/app/policies/ee/group_policy.rb
View file @
8cdef86d
...
...
@@ -130,8 +130,7 @@ module EE
end
condition
(
:group_level_compliance_pipeline_available
)
do
@subject
.
feature_available?
(
:evaluate_group_level_compliance_pipeline
)
&&
::
Feature
.
enabled?
(
:ff_evaluate_group_level_compliance_pipeline
,
@subject
,
default_enabled: :yaml
)
@subject
.
feature_available?
(
:evaluate_group_level_compliance_pipeline
)
end
rule
{
public_group
|
logged_in_viewable
}.
policy
do
...
...
ee/config/feature_flags/development/ff_evaluate_group_level_compliance_pipeline.yml
deleted
100644 → 0
View file @
36495806
---
name
:
ff_evaluate_group_level_compliance_pipeline
introduced_by_url
:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52629
rollout_issue_url
:
https://gitlab.com/gitlab-org/gitlab/-/issues/300324
milestone
:
'
13.9'
type
:
development
group
:
group::compliance
default_enabled
:
true
ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
View file @
8cdef86d
...
...
@@ -32,8 +32,7 @@ module Gitlab
end
def
available?
project
.
feature_available?
(
:evaluate_group_level_compliance_pipeline
)
&&
::
Feature
.
enabled?
(
:ff_evaluate_group_level_compliance_pipeline
,
project
,
default_enabled: :yaml
)
project
.
feature_available?
(
:evaluate_group_level_compliance_pipeline
)
end
end
end
...
...
ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
View file @
8cdef86d
...
...
@@ -36,7 +36,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
context
'when feature is available'
do
before
do
stub_feature_flags
(
ff_evaluate_group_level_compliance_pipeline:
true
)
stub_licensed_features
(
evaluate_group_level_compliance_pipeline:
true
)
end
...
...
@@ -82,32 +81,20 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
end
end
context
'when feature is not available'
do
using
RSpec
::
Parameterized
::
TableSyntax
where
(
:licensed
,
:feature_flag
)
do
true
|
false
false
|
true
false
|
false
end
with_them
do
context
'when feature is not licensed'
do
before
do
stub_feature_flags
(
ff_evaluate_group_level_compliance_pipeline:
licensed
)
stub_licensed_features
(
evaluate_group_level_compliance_pipeline:
feature_flag
)
stub_licensed_features
(
evaluate_group_level_compliance_pipeline:
false
)
end
it_behaves_like
'does not include compliance pipeline configuration content'
end
end
end
context
'when project does not have compliance label defined'
do
let
(
:project
)
{
create
(
:project
,
ci_config_path:
ci_config_path
)
}
context
'when feature is available'
do
before
do
stub_feature_flags
(
ff_evaluate_group_level_compliance_pipeline:
true
)
stub_licensed_features
(
evaluate_group_level_compliance_pipeline:
true
)
end
...
...
ee/spec/policies/group_policy_spec.rb
View file @
8cdef86d
...
...
@@ -1612,16 +1612,15 @@ RSpec.describe GroupPolicy do
shared_examples
'compliance framework permissions'
do
using
RSpec
::
Parameterized
::
TableSyntax
where
(
:role
,
:licensed
,
:feature_flag
,
:admin_mode
,
:allowed
)
do
:owner
|
true
|
true
|
nil
|
true
:owner
|
false
|
true
|
nil
|
false
:owner
|
false
|
false
|
nil
|
false
:admin
|
true
|
true
|
true
|
true
:admin
|
true
|
true
|
false
|
false
:maintainer
|
true
|
true
|
nil
|
false
:developer
|
true
|
true
|
nil
|
false
:reporter
|
true
|
true
|
nil
|
false
:guest
|
true
|
true
|
nil
|
false
where
(
:role
,
:licensed
,
:admin_mode
,
:allowed
)
do
:owner
|
true
|
nil
|
true
:owner
|
false
|
nil
|
false
:admin
|
true
|
true
|
true
:admin
|
true
|
false
|
false
:maintainer
|
true
|
nil
|
false
:developer
|
true
|
nil
|
false
:reporter
|
true
|
nil
|
false
:guest
|
true
|
nil
|
false
end
with_them
do
...
...
@@ -1629,7 +1628,6 @@ RSpec.describe GroupPolicy do
before
do
stub_licensed_features
(
licensed_feature
=>
licensed
)
stub_feature_flags
(
feature_flag_name
=>
feature_flag
)
if
feature_flag_name
enable_admin_mode!
(
current_user
)
if
admin_mode
end
...
...
@@ -1648,7 +1646,6 @@ RSpec.describe GroupPolicy do
context
':admin_compliance_pipeline_configuration'
do
let
(
:policy
)
{
:admin_compliance_pipeline_configuration
}
let
(
:licensed_feature
)
{
:evaluate_group_level_compliance_pipeline
}
let
(
:feature_flag_name
)
{
:ff_evaluate_group_level_compliance_pipeline
}
include_examples
'compliance framework permissions'
end
...
...
ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/create_spec.rb
View file @
8cdef86d
...
...
@@ -65,14 +65,6 @@ RSpec.describe 'Create a Compliance Framework' do
stub_licensed_features
(
custom_compliance_frameworks:
true
,
evaluate_group_level_compliance_pipeline:
true
)
end
context
'pipeline configuration feature is disabled'
do
before
do
stub_feature_flags
(
ff_evaluate_group_level_compliance_pipeline:
false
)
end
it_behaves_like
'a mutation that returns errors in the response'
,
errors:
[
'Pipeline configuration full path feature is not available'
]
end
context
'current_user is namespace owner'
do
it_behaves_like
'a mutation that creates a compliance framework'
end
...
...
ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/update_spec.rb
View file @
8cdef86d
...
...
@@ -91,19 +91,6 @@ RSpec.describe 'Update a compliance framework' do
expect
(
mutation_response
[
'errors'
]).
to
contain_exactly
"Pipeline configuration full path feature is not available"
end
end
context
'when compliance pipeline configuration feature flag is not enabled'
do
before
do
stub_licensed_features
(
custom_compliance_frameworks:
true
,
evaluate_group_level_compliance_pipeline:
true
)
stub_feature_flags
(
ff_evaluate_group_level_compliance_pipeline:
false
)
end
it
'returns an error'
do
subject
expect
(
mutation_response
[
'errors'
]).
to
contain_exactly
"Pipeline configuration full path feature is not available"
end
end
end
context
'current_user is not permitted to update framework'
do
...
...
ee/spec/services/ci/create_pipeline_service/compliance_spec.rb
View file @
8cdef86d
...
...
@@ -31,7 +31,6 @@ RSpec.describe Ci::CreatePipelineService do
let
(
:service
)
{
described_class
.
new
(
project
,
user
,
{
ref:
'master'
})
}
before
do
stub_feature_flags
(
ff_evaluate_group_level_compliance_pipeline:
true
)
stub_licensed_features
(
evaluate_group_level_compliance_pipeline:
true
)
allow_next
(
Repository
).
to
receive
(
:blob_data_at
).
with
(
ref_sha
,
'.compliance-gitlab-ci.yml'
).
and_return
(
compliance_config
)
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment