Commit 149154f6 authored by Robert Speicher's avatar Robert Speicher

Merge branch '209810-license-compliance-configuration' into 'master'

Fix configuration issue for License Compliance

See merge request gitlab-org/gitlab!27016
parents 36a5f50e dd6fdbe0
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
module Security module Security
class LicenseManagementJobsFinder < JobsFinder class LicenseManagementJobsFinder < JobsFinder
def self.allowed_job_types def self.allowed_job_types
[:license_management] [:license_management, :license_scanning]
end end
end end
end end
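Review bot: `allowed_job_types` now returns both `:license_management` and `:license_scanning`, but nothing in `LicenseManagementJobsFinder` says which entry is the legacy one or when it goes away, so a future reader has to find the presenter's comment to learn that `license_management` support is scheduled to be dropped in 13.0. A one-line comment above the array would keep that knowledge next to the code that depends on it: `# :license_management is the legacy report type, kept until its 13.0 removal; :license_scanning replaces it`. The class name still reads as license-management-only, which is fine for now but worth mentioning in the same comment so the eventual cleanup is a single-site change.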
...@@ -12,6 +12,7 @@ module Projects ...@@ -12,6 +12,7 @@ module Projects
dast: _('Analyze a review version of your web application.'), dast: _('Analyze a review version of your web application.'),
dependency_scanning: _('Analyze your dependencies for known vulnerabilities.'), dependency_scanning: _('Analyze your dependencies for known vulnerabilities.'),
license_management: _('Search your project dependencies for their licenses and apply policies.'), license_management: _('Search your project dependencies for their licenses and apply policies.'),
license_scanning: _('Search your project dependencies for their licenses and apply policies.'),
sast: _('Analyze your source code for known vulnerabilities.') sast: _('Analyze your source code for known vulnerabilities.')
}.freeze }.freeze
...@@ -20,6 +21,7 @@ module Projects ...@@ -20,6 +21,7 @@ module Projects
dast: 'user/application_security/dast/index', dast: 'user/application_security/dast/index',
dependency_scanning: 'user/application_security/dependency_scanning/index', dependency_scanning: 'user/application_security/dependency_scanning/index',
license_management: 'user/application_security/license_compliance/index', license_management: 'user/application_security/license_compliance/index',
license_scanning: 'user/application_security/license_compliance/index',
sast: 'user/application_security/sast/index' sast: 'user/application_security/sast/index'
}.freeze }.freeze
...@@ -27,7 +29,8 @@ module Projects ...@@ -27,7 +29,8 @@ module Projects
container_scanning: _('Container Scanning'), container_scanning: _('Container Scanning'),
dast: _('Dynamic Application Security Testing (DAST)'), dast: _('Dynamic Application Security Testing (DAST)'),
dependency_scanning: _('Dependency Scanning'), dependency_scanning: _('Dependency Scanning'),
license_management: _('License Compliance'), license_management: 'License Management',
license_scanning: _('License Compliance'),
sast: _('Static Application Security Testing (SAST)') sast: _('Static Application Security Testing (SAST)')
}.freeze }.freeze
...@@ -44,7 +47,7 @@ module Projects ...@@ -44,7 +47,7 @@ module Projects
private private
def features def features
scan_types.map do |scan_type| scans = scan_types.map do |scan_type|
if auto_devops_source? if auto_devops_source?
scan(scan_type, configured: true) scan(scan_type, configured: true)
elsif latest_builds_reports.include?(scan_type) elsif latest_builds_reports.include?(scan_type)
...@@ -53,6 +56,9 @@ module Projects ...@@ -53,6 +56,9 @@ module Projects
scan(scan_type, configured: false) scan(scan_type, configured: false)
end end
end end
# TODO: remove this line with #8912
license_compliance_substitute(scans)
end end
def latest_builds_reports def latest_builds_reports
...@@ -84,6 +90,25 @@ module Projects ...@@ -84,6 +90,25 @@ module Projects
project_pipeline_path(self, latest_default_branch_pipeline) project_pipeline_path(self, latest_default_branch_pipeline)
end end
# In this method we define if License Compliance feature is configured
# by looking into `license_scanning` and `license_management` reports
# in 13.0 support for `license_management` report type is scheduled to be dropped.
# With this change we won't need this method anymore.
def license_compliance_substitute(scans)
license_management = scans.find { |scan_type| scan_type[:name] == SCAN_NAMES[:license_management] }
license_compliance_config = license_management.fetch(:configured, false)
scans.delete(license_management)
if license_compliance_config
scans.map do |scan_type|
scan_type[:configured] = true if scan_type[:name] == _('License Compliance')
end
end
scans
end
def scan(type, configured: false) def scan(type, configured: false)
{ {
configured: configured, configured: configured,
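Review bot: `license_compliance_substitute` dereferences the result of `scans.find` unconditionally, so the moment `scan_types` no longer includes `:license_management` (which the comment above the method says is planned for 13.0) `license_management.fetch(:configured, false)` raises NoMethodError instead of returning the scans untouched; a guard right after the `find`, `return scans unless license_management`, keeps the method safe through that removal and makes the "nothing to substitute" case explicit. Two smaller points in the same hunk: the inner `scans.map do ... end` is used only for its side effect on `scan_type[:configured]` and its return value is discarded, so `scans.each do |scan_type|` states the intent; and the comparison against `_('License Compliance')` repeats the literal that `SCAN_NAMES[:license_scanning]` already holds, so `scan_type[:name] == SCAN_NAMES[:license_scanning]` keeps it symmetric with the `SCAN_NAMES[:license_management]` lookup two lines above and, since `SCAN_NAMES` is built once at class load while a bare `_()` in the method body is evaluated per call, removes any chance of the two strings being produced under different locales. The `features` method that feeds this helper is split across the two preceding hunks on this page.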
---
title: Fix configuration issue for License Compliance
merge_request: 27016
author:
type: fixed
...@@ -42,7 +42,7 @@ describe Projects::Security::ConfigurationPresenter do ...@@ -42,7 +42,7 @@ describe Projects::Security::ConfigurationPresenter do
security_scan(:sast, configured: true), security_scan(:sast, configured: true),
security_scan(:container_scanning, configured: true), security_scan(:container_scanning, configured: true),
security_scan(:dependency_scanning, configured: true), security_scan(:dependency_scanning, configured: true),
security_scan(:license_management, configured: true) security_scan(:license_scanning, configured: true)
) )
end end
end end
...@@ -62,7 +62,7 @@ describe Projects::Security::ConfigurationPresenter do ...@@ -62,7 +62,7 @@ describe Projects::Security::ConfigurationPresenter do
security_scan(:sast, configured: false), security_scan(:sast, configured: false),
security_scan(:container_scanning, configured: false), security_scan(:container_scanning, configured: false),
security_scan(:dependency_scanning, configured: false), security_scan(:dependency_scanning, configured: false),
security_scan(:license_management, configured: false) security_scan(:license_scanning, configured: false)
) )
end end
end end
...@@ -88,7 +88,7 @@ describe Projects::Security::ConfigurationPresenter do ...@@ -88,7 +88,7 @@ describe Projects::Security::ConfigurationPresenter do
security_scan(:sast, configured: true), security_scan(:sast, configured: true),
security_scan(:container_scanning, configured: false), security_scan(:container_scanning, configured: false),
security_scan(:dependency_scanning, configured: false), security_scan(:dependency_scanning, configured: false),
security_scan(:license_management, configured: false) security_scan(:license_scanning, configured: false)
) )
end end
...@@ -102,7 +102,7 @@ describe Projects::Security::ConfigurationPresenter do ...@@ -102,7 +102,7 @@ describe Projects::Security::ConfigurationPresenter do
security_scan(:sast, configured: true), security_scan(:sast, configured: true),
security_scan(:container_scanning, configured: false), security_scan(:container_scanning, configured: false),
security_scan(:dependency_scanning, configured: false), security_scan(:dependency_scanning, configured: false),
security_scan(:license_management, configured: false) security_scan(:license_scanning, configured: false)
) )
end end
...@@ -122,7 +122,19 @@ describe Projects::Security::ConfigurationPresenter do ...@@ -122,7 +122,19 @@ describe Projects::Security::ConfigurationPresenter do
security_scan(:sast, configured: true), security_scan(:sast, configured: true),
security_scan(:container_scanning, configured: false), security_scan(:container_scanning, configured: false),
security_scan(:dependency_scanning, configured: false), security_scan(:dependency_scanning, configured: false),
security_scan(:license_management, configured: false) security_scan(:license_scanning, configured: false)
)
end
it 'detect new license compliance job' do
create(:ci_build, :license_scanning, pipeline: pipeline)
expect(JSON.parse(subject[:features])).to contain_exactly(
security_scan(:dast, configured: true),
security_scan(:sast, configured: true),
security_scan(:container_scanning, configured: false),
security_scan(:dependency_scanning, configured: false),
security_scan(:license_scanning, configured: true)
) )
end end
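Review bot: The new example only exercises the `:license_scanning` build path; the carry-over branch in `license_compliance_substitute` (a `license_management` report marking the License Compliance entry as configured) is not visibly covered by anything in these hunks, and the earlier expectations that flipped from `:license_management` to `:license_scanning` do not show which fixture builds back them. If no example outside the shown hunks still creates a `:license_management` build, one should be added so the substitution logic has a direct test before that type is removed. As a wording point, the example title reads better in the file's third-person style: `it 'detects the new license compliance job' do`.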
...@@ -361,6 +361,8 @@ FactoryBot.define do ...@@ -361,6 +361,8 @@ FactoryBot.define do
options { {} } options { {} }
end end
# TODO: move Security traits to ee_ci_build
# https://gitlab.com/gitlab-org/gitlab/-/issues/210486
trait :dast do trait :dast do
options do options do
{ {
...@@ -401,6 +403,14 @@ FactoryBot.define do ...@@ -401,6 +403,14 @@ FactoryBot.define do
end end
end end
trait :license_scanning do
options do
{
artifacts: { reports: { license_management: 'gl-license-scanning-report.json' } }
}
end
end
trait :non_playable do trait :non_playable do
status { 'created' } status { 'created' }
self.when { 'manual' } self.when { 'manual' }
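Review bot: The new `:license_scanning` trait stores its report under the `license_management` artifacts key, and nothing in the factory explains the mismatch between the trait name and the key, which a reader will otherwise take for a copy-paste slip. A short comment on the trait would prevent that, for example `# report key stays :license_management (legacy report type) — confirm this matches the CI artifact definition` above `trait :license_scanning do`. The TODO added just above the `:dast` trait already points at the planned move of these traits, so the comment could reference that issue rather than duplicating it.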