Merge branch 'rf-sast-config-telemetry' into 'master'

SAST Config UI telemetry

See merge request gitlab-org/gitlab!42720

ee/app/services/security/ci_configuration/sast_create_service.rb

@@ -11,10 +11,12 @@ module Security
       end
 
       def execute
-        result = ::Files::MultiService.new(@project, @current_user, attributes).execute
+        attributes_for_commit = attributes
+        result = ::Files::MultiService.new(@project, @current_user, attributes_for_commit).execute
 
         if result[:status] == :success
           result[:success_path] = successful_change_path
+          track_event(attributes_for_commit)
         else
           result[:errors] = result[:message]
         end
@@ -48,6 +50,14 @@ module Security
         merge_request_params = { source_branch: @branch_name, description: description }
         Gitlab::Routing.url_helpers.project_new_merge_request_url(@project, merge_request: merge_request_params)
       end
+
+      def track_event(attributes_for_commit)
+        action = attributes_for_commit[:actions].first
+
+        Gitlab::Tracking.event(
+          self.class.to_s, action[:action], { label: action[:default_values_overwritten].to_s }
+        )
+      end
     end
   end
 end

ee/changelogs/unreleased/rf-sast-config-telemetry.yml

+---
+title: Add SAST UI Config telemetry
+merge_request: 42720
+author:
+type: changed

ee/lib/security/ci_configuration/sast_build_actions.rb

@@ -8,6 +8,7 @@ module Security
         @variables = variables(params)
         @existing_gitlab_ci_content = existing_gitlab_ci_content || {}
         @default_sast_values = default_sast_values(params)
+        @default_values_overwritten = false
       end
 
       def generate
@@ -15,7 +16,7 @@ module Security
 
         update_existing_content!
 
-        [{ action: action, file_path: '.gitlab-ci.yml', content: prepare_existing_content }]
+        [{ action: action, file_path: '.gitlab-ci.yml', content: prepare_existing_content, default_values_overwritten: @default_values_overwritten }]
       end
 
       private
@@ -77,6 +78,7 @@ module Security
         variables.each do |key|
           if @variables[key].present? && @variables[key].to_s != @default_sast_values[key].to_s
             hash_to_update['variables'][key] = @variables[key]
+            @default_values_overwritten = true
           else
             hash_to_update['variables'].delete(key)
           end

ee/spec/lib/security/ci_configuration/sast_build_actions_spec.rb

@@ -55,6 +55,10 @@ RSpec.describe Security::CiConfiguration::SastBuildActions do
           expect(result.first[:action]).to eq('update')
           expect(result.first[:content]).to eq(sast_yaml_two_includes)
         end
+
+        it 'reports defaults have been overwritten' do
+          expect(result.first[:default_values_overwritten]).to eq(true)
+        end
       end
     end
 
@@ -78,6 +82,10 @@ RSpec.describe Security::CiConfiguration::SastBuildActions do
       it 'generates the correct YML' do
         expect(result.first[:content]).to eq(sast_yaml_with_no_variables_set)
       end
+
+      it 'reports defaults have not been overwritten' do
+        expect(result.first[:default_values_overwritten]).to eq(false)
+      end
     end
 
     context 'with update stage and SEARCH_MAX_DEPTH and set SECURE_ANALYZERS_PREFIX to default' do

ee/spec/services/security/ci_configuration/sast_create_service_spec.rb

@@ -2,20 +2,43 @@
 
 require 'spec_helper'
 
-RSpec.describe Security::CiConfiguration::SastCreateService do
+RSpec.describe Security::CiConfiguration::SastCreateService, :snowplow do
   describe '#execute' do
     let_it_be(:project) { create(:project, :repository) }
     let_it_be(:user) { create(:user) }
+    let(:params) { {} }
 
     subject(:result) { described_class.new(project, user, params).execute }
 
+    context 'user does not belong to project' do
+      it 'returns an error status' do
+        expect(result[:status]).to eq(:error)
+        expect(result[:success_path]).to be_nil
+      end
+
+      it 'does not track a snowplow event' do
+        subject
+
+        expect_no_snowplow_event
+      end
+    end
+
+    context 'user belongs to project' do
       before do
         project.add_developer(user)
       end
 
-    context 'with no parameters' do
-      let(:params) { {} }
+      it 'does track the snowplow event' do
+        subject
+
+        expect_snowplow_event(
+          category: 'Security::CiConfiguration::SastCreateService',
+          action: 'create',
+          label: 'false'
+        )
+      end
 
+      context 'with no parameters' do
         it 'returns the path to create a new merge request' do
           expect(result[:status]).to eq(:success)
           expect(result[:success_path]).to match(/#{Gitlab::Routing.url_helpers.project_new_merge_request_url(project, {})}(.*)description(.*)source_branch/)
@@ -36,4 +59,5 @@ RSpec.describe Security::CiConfiguration::SastCreateService do
         end
       end
     end
+  end
 end