Commit ed70d8e3 authored by Paul Slaughter's avatar Paul Slaughter

Merge branch '13638-add-configuration-screen-for-secure-features-navigation-item' into 'master'

Add security configuration navigation item

See merge request gitlab-org/gitlab!20711
parents 181bb515 0fd20223
---
type: reference, howto
---
# Security Configuration **(ULTIMATE)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6.
## Overview
The security configuration page displays the configuration state of each of the security
features and can be accessed through a project's sidebar nav.
![Screenshot of security configuration page](../img/security_configuration_page_v12_6.png)
The page uses the project's latest default branch [CI pipeline](../../../ci/pipelines.md) to determine the configuration
state of each feature. If a job with the expected security report artifact exists in the pipeline,
the feature is considered configured.
NOTE: **Note:** if the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md),
all security features will be configured by default.
## Limitations
It is not possible to enable or disable a feature using the configuration page.
However, instructions on how to enable or disable a feature can be found through
the links next to each feature on that page.
......@@ -38,6 +38,7 @@ module EE
if can?(current_user, :read_project_security_dashboard, @project)
nav_tabs << :security
nav_tabs << :security_configuration
end
if can?(current_user, :read_dependencies, @project)
......@@ -140,6 +141,7 @@ module EE
def sidebar_security_paths
%w[
projects/security/configuration#show
projects/security/dashboard#show
projects/dependencies#show
projects/licenses#show
......
......@@ -32,3 +32,8 @@
= nav_link(path: 'projects/licenses#show') do
= link_to project_licenses_path(@project), title: _('License Compliance'), data: { qa_selector: 'licenses_list_link' } do
%span= _('License Compliance')
- if project_nav_tab?(:security_configuration)
= nav_link(path: 'projects/security/configuration#show') do
= link_to project_security_configuration_path(@project), title: _('Configuration'), data: { qa_selector: 'security_configuration_link'} do
%span= _('Configuration')
---
title: Add security configuration navigation item
merge_request: 20711
author:
type: added
......@@ -148,6 +148,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'security configuration link is visible' do
expect(rendered).to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is visible' do
expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project))
end
......@@ -165,6 +169,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'security configuration link is visible' do
expect(rendered).to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is not visible' do
expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project))
end
......@@ -182,6 +190,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'security configuration link is not visible' do
expect(rendered).not_to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is visible' do
expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project))
end
......@@ -199,6 +211,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'security configuration link is not visible' do
expect(rendered).not_to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is not visible' do
expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project))
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment