Remove the api_fuzzing_configuration_ui feature flag

The api_fuzzing_configuration_ui feature flag was previously enabled by
default and no issue was reported, so it should be safe to remove it and
the associated checks.
parent 70c4632e
...@@ -4745,7 +4745,7 @@ An edge in a connection. ...@@ -4745,7 +4745,7 @@ An edge in a connection.
| `alertManagementIntegrations` | [`AlertManagementIntegrationConnection`](#alertmanagementintegrationconnection) | Integrations which can receive alerts for the project. | | `alertManagementIntegrations` | [`AlertManagementIntegrationConnection`](#alertmanagementintegrationconnection) | Integrations which can receive alerts for the project. |
| `alertManagementPayloadFields` | [`[AlertManagementPayloadAlertField!]`](#alertmanagementpayloadalertfield) | Extract alert fields from payload for custom mapping. | | `alertManagementPayloadFields` | [`[AlertManagementPayloadAlertField!]`](#alertmanagementpayloadalertfield) | Extract alert fields from payload for custom mapping. |
| `allowMergeOnSkippedPipeline` | [`Boolean`](#boolean) | If `only_allow_merge_if_pipeline_succeeds` is true, indicates if merge requests of the project can also be merged with skipped jobs. | | `allowMergeOnSkippedPipeline` | [`Boolean`](#boolean) | If `only_allow_merge_if_pipeline_succeeds` is true, indicates if merge requests of the project can also be merged with skipped jobs. |
| `apiFuzzingCiConfiguration` | [`ApiFuzzingCiConfiguration`](#apifuzzingciconfiguration) | API fuzzing configuration for the project. Null unless feature flag `api_fuzzing_configuration_ui` is enabled. | | `apiFuzzingCiConfiguration` | [`ApiFuzzingCiConfiguration`](#apifuzzingciconfiguration) | API fuzzing configuration for the project. |
| `archived` | [`Boolean`](#boolean) | Indicates the archived status of the project. | | `archived` | [`Boolean`](#boolean) | Indicates the archived status of the project. |
| `autocloseReferencedIssues` | [`Boolean`](#boolean) | Indicates if issues referenced by merge requests and commits within the default branch are closed automatically. | | `autocloseReferencedIssues` | [`Boolean`](#boolean) | Indicates if issues referenced by merge requests and commits within the default branch are closed automatically. |
| `avatarUrl` | [`String`](#string) | URL to avatar image file of the project. | | `avatarUrl` | [`String`](#string) | URL to avatar image file of the project. |
......
...@@ -74,10 +74,6 @@ starting in GitLab 14.0, GitLab will not check your repository's root for config ...@@ -74,10 +74,6 @@ starting in GitLab 14.0, GitLab will not check your repository's root for config
### Configuration form ### Configuration form
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299234) in GitLab 13.10. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299234) in GitLab 13.10.
> - It's [deployed behind a feature flag](../../../user/feature_flags.md), enabled by default.
> - It's enabled on GitLab.com.
> - It's recommended for production use.
> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-api-fuzzing-configuration-form). **(ULTIMATE)**
WARNING: WARNING:
This feature might not be available to you. Check the **version history** note above for details. This feature might not be available to you. Check the **version history** note above for details.
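Review bot: The `WARNING:` block kept as context at the end of this hunk still tells readers "This feature might not be available to you. Check the **version history** note above for details.", but the feature-flag bullets it referred to are deleted here, leaving only the "Introduced in GitLab 13.10" line. Remove the warning together with the bullets so the docs no longer hint at a toggle that is gone.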
...@@ -103,25 +99,6 @@ to your project's `.gitlab-ci.yml` file where you can paste the YAML configurati ...@@ -103,25 +99,6 @@ to your project's `.gitlab-ci.yml` file where you can paste the YAML configurati
Select **Copy code only** to copy the snippet to your clipboard and close the modal. Select **Copy code only** to copy the snippet to your clipboard and close the modal.
#### Enable or disable API Fuzzing configuration form **(ULTIMATE)**
The API Fuzzing configuration form is under development but ready for production use.
It is deployed behind a feature flag that is **enabled by default**.
[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
can opt to disable it.
To enable it:
```ruby
Feature.enable(:api_fuzzing_configuration_ui)
```
To disable it:
```ruby
Feature.disable(:api_fuzzing_configuration_ui)
```
### OpenAPI Specification ### OpenAPI Specification
> Support for OpenAPI Specification v3 was > Support for OpenAPI Specification v3 was
......
...@@ -14,7 +14,6 @@ module EE ...@@ -14,7 +14,6 @@ module EE
before_action only: [:show] do before_action only: [:show] do
push_frontend_feature_flag(:security_auto_fix, project, default_enabled: false) push_frontend_feature_flag(:security_auto_fix, project, default_enabled: false)
push_frontend_feature_flag(:api_fuzzing_configuration_ui, project, default_enabled: :yaml)
push_frontend_feature_flag(:sec_dependency_scanning_ui_enable, project, default_enabled: :yaml) push_frontend_feature_flag(:sec_dependency_scanning_ui_enable, project, default_enabled: :yaml)
end end
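Review bot: Dropping `push_frontend_feature_flag(:api_fuzzing_configuration_ui, project, default_enabled: :yaml)` from the `before_action` stops the flag from being pushed to the client, and none of the files shown in this commit touch frontend code. Please confirm that no JavaScript still reads this flag, since a leftover client-side check would now see it as unset and hide the form.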
......
...@@ -11,7 +11,6 @@ module Projects ...@@ -11,7 +11,6 @@ module Projects
feature_category :fuzz_testing feature_category :fuzz_testing
def show def show
not_found unless Feature.enabled?(:api_fuzzing_configuration_ui, @project, default_enabled: :yaml)
end end
end end
end end
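Review bot: With the `not_found unless Feature.enabled?(...)` guard gone, `show` is an empty action and access to this page rests entirely on authorization defined outside this hunk. The controller spec keeps its 'with unauthorized user' context, so that path stays covered; consider either dropping the empty `show` body or adding a short comment naming the check that protects the action.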
......
...@@ -133,8 +133,7 @@ module EE ...@@ -133,8 +133,7 @@ module EE
field :api_fuzzing_ci_configuration, field :api_fuzzing_ci_configuration,
::Types::AppSec::Fuzzing::Api::CiConfigurationType, ::Types::AppSec::Fuzzing::Api::CiConfigurationType,
null: true, null: true,
description: 'API fuzzing configuration for the project. '\ description: 'API fuzzing configuration for the project. '
'Null unless feature flag `api_fuzzing_configuration_ui` is enabled.'
field :push_rules, field :push_rules,
::Types::PushRulesType, ::Types::PushRulesType,
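Review bot: Style point on the new `description:` line: the string still ends with a trailing space (`'API fuzzing configuration for the project. '`), left over from the two-line concatenation. Drop the space now that nothing is appended to it.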
...@@ -144,8 +143,7 @@ module EE ...@@ -144,8 +143,7 @@ module EE
end end
def api_fuzzing_ci_configuration def api_fuzzing_ci_configuration
return unless ::Feature.enabled?(:api_fuzzing_configuration_ui, object, default_enabled: :yaml) && \ return unless Ability.allowed?(current_user, :read_vulnerability, object)
Ability.allowed?(current_user, :read_vulnerability, object)
configuration = ::AppSec::Fuzzing::Api::CiConfiguration.new(project: object) configuration = ::AppSec::Fuzzing::Api::CiConfiguration.new(project: object)
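Review bot: The resolver still returns nil when `Ability.allowed?(current_user, :read_vulnerability, object)` fails, but the field description no longer mentions any null case now that the flag sentence is removed. Consider documenting that the field is null for users who cannot read vulnerabilities, so API consumers can tell a permission problem from a missing configuration.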
......
...@@ -53,8 +53,6 @@ module Mutations ...@@ -53,8 +53,6 @@ module Mutations
def resolve(args) def resolve(args)
project = authorized_find!(args[:project_path]) project = authorized_find!(args[:project_path])
raise_feature_off_error unless feature_enabled?(project)
create_service = ::AppSec::Fuzzing::Api::CiConfigurationCreateService.new( create_service = ::AppSec::Fuzzing::Api::CiConfigurationCreateService.new(
container: project, current_user: current_user, params: args container: project, current_user: current_user, params: args
) )
...@@ -72,10 +70,6 @@ module Mutations ...@@ -72,10 +70,6 @@ module Mutations
raise ::Gitlab::Graphql::Errors::ResourceNotAvailable, raise ::Gitlab::Graphql::Errors::ResourceNotAvailable,
'The API fuzzing CI configuration feature is off' 'The API fuzzing CI configuration feature is off'
end end
def feature_enabled?(project)
Feature.enabled?(:api_fuzzing_configuration_ui, project, default_enabled: :yaml)
end
end end
end end
end end
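Review bot: Dead code remains after this hunk: the context lines show the `raise ::Gitlab::Graphql::Errors::ResourceNotAvailable, 'The API fuzzing CI configuration feature is off'` body is kept, while its only visible caller (`raise_feature_off_error unless feature_enabled?(project)` in `resolve`) and `feature_enabled?` are both removed. Delete the `raise_feature_off_error` helper as well so the mutation no longer carries an error path for a flag that does not exist.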
......
...@@ -91,7 +91,7 @@ module Projects ...@@ -91,7 +91,7 @@ module Projects
{ {
sast: project_security_configuration_sast_path(project), sast: project_security_configuration_sast_path(project),
dast_profiles: project_security_configuration_dast_scans_path(project), dast_profiles: project_security_configuration_dast_scans_path(project),
api_fuzzing: ::Feature.enabled?(:api_fuzzing_configuration_ui, project, default_enabled: :yaml) ? project_security_configuration_api_fuzzing_path(project) : nil api_fuzzing: project_security_configuration_api_fuzzing_path(project)
}[type] }[type]
end end
end end
......
---
title: Remove the api_fuzzing_configuration_ui feature flag
merge_request: 57583
author:
type: changed
---
name: api_fuzzing_configuration_ui
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51940
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/299234
milestone: '13.9'
type: development
group: group::fuzz testing
default_enabled: true
...@@ -51,18 +51,6 @@ RSpec.describe Projects::Security::ApiFuzzingConfigurationController do ...@@ -51,18 +51,6 @@ RSpec.describe Projects::Security::ApiFuzzingConfigurationController do
expect(response.body).to have_active_sub_navigation('Configuration') expect(response.body).to have_active_sub_navigation('Configuration')
end end
context 'with feature flag disabled' do
before do
stub_feature_flags(api_fuzzing_configuration_ui: false)
end
it 'returns a 404 for an HTML request' do
request
expect(response).to have_gitlab_http_status(:not_found)
end
end
end end
context 'with unauthorized user' do context 'with unauthorized user' do
......
...@@ -30,11 +30,6 @@ RSpec.describe Mutations::AppSec::Fuzzing::Api::CiConfiguration::Create do ...@@ -30,11 +30,6 @@ RSpec.describe Mutations::AppSec::Fuzzing::Api::CiConfiguration::Create do
stub_licensed_features(security_dashboard: true) stub_licensed_features(security_dashboard: true)
end end
context 'when the api_fuzzing_configuration_ui feature is on' do
before do
stub_feature_flags(api_fuzzing_configuration_ui: true)
end
it 'returns a YAML snippet that can be used to configure API fuzzing scans for the project' do it 'returns a YAML snippet that can be used to configure API fuzzing scans for the project' do
aggregate_failures do aggregate_failures do
expect(subject[:errors]).to be_empty expect(subject[:errors]).to be_empty
...@@ -55,20 +50,6 @@ RSpec.describe Mutations::AppSec::Fuzzing::Api::CiConfiguration::Create do ...@@ -55,20 +50,6 @@ RSpec.describe Mutations::AppSec::Fuzzing::Api::CiConfiguration::Create do
end end
end end
context 'when the api_fuzzing_configuration_ui feature is off' do
before do
stub_feature_flags(api_fuzzing_configuration_ui: false)
end
it 'errors' do
expect { subject }.to raise_error(
::Gitlab::Graphql::Errors::ResourceNotAvailable,
'The API fuzzing CI configuration feature is off'
)
end
end
end
context 'when the user cannot access the API fuzzing configuration feature' do context 'when the user cannot access the API fuzzing configuration feature' do
before do before do
stub_licensed_features(security_dashboard: false) stub_licensed_features(security_dashboard: false)
......
...@@ -42,11 +42,6 @@ RSpec.describe 'Query.project(fullPath).apiFuzzingCiConfiguration' do ...@@ -42,11 +42,6 @@ RSpec.describe 'Query.project(fullPath).apiFuzzingCiConfiguration' do
).to_return(body: profiles_yaml) ).to_return(body: profiles_yaml)
end end
context 'when the api_fuzzing_configuration_ui feature flag is enabled' do
before do
stub_feature_flags(api_fuzzing_configuration_ui: true)
end
context 'when the user can read vulnerabilities for the project' do context 'when the user can read vulnerabilities for the project' do
before do before do
stub_licensed_features(security_dashboard: true) stub_licensed_features(security_dashboard: true)
...@@ -79,21 +74,6 @@ RSpec.describe 'Query.project(fullPath).apiFuzzingCiConfiguration' do ...@@ -79,21 +74,6 @@ RSpec.describe 'Query.project(fullPath).apiFuzzingCiConfiguration' do
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
fuzzing_config = graphql_data.dig('project', 'apiFuzzingCiConfiguration')
expect(fuzzing_config).to be_nil
end
end
end
context 'when the api_fuzzing_configuration_ui feature flag is disabled' do
before do
stub_feature_flags(api_fuzzing_configuration_ui: false)
end
it 'returns nil' do
post_graphql(query, current_user: user)
expect(response).to have_gitlab_http_status(:ok)
fuzzing_config = graphql_data.dig('project', 'apiFuzzingCiConfiguration') fuzzing_config = graphql_data.dig('project', 'apiFuzzingCiConfiguration')
expect(fuzzing_config).to be_nil expect(fuzzing_config).to be_nil
end end
......
...@@ -33,7 +33,6 @@ RSpec.describe 'CreateApiFuzzingCiConfiguration' do ...@@ -33,7 +33,6 @@ RSpec.describe 'CreateApiFuzzingCiConfiguration' do
end end
before do before do
stub_feature_flags(api_fuzzing_configuration_ui: true)
stub_licensed_features(security_dashboard: true) stub_licensed_features(security_dashboard: true)
end end
......