Commit 224efa58 authored by Steve Abrams

Merge branch 'rename-finding-signatures-featureflag' into 'master'

fix: Vuln tracking feature flag must be distinct from licensed feature

See merge request gitlab-org/gitlab!59700
parents dbde1dcc 23e02ba2
...@@ -114,7 +114,7 @@ module Security ...@@ -114,7 +114,7 @@ module Security
end end
def dismissal_feedback?(finding) def dismissal_feedback?(finding)
if ::Feature.enabled?(:vulnerability_finding_signatures, pipeline.project) && !finding.signatures.empty? if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, pipeline.project) && pipeline.project.licensed_feature_available?(:vulnerability_finding_signatures) && !finding.signatures.empty?
dismissal_feedback_by_finding_signatures(finding) dismissal_feedback_by_finding_signatures(finding)
else else
dismissal_feedback_by_project_fingerprint(finding) dismissal_feedback_by_project_fingerprint(finding)
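Review bot: The flag-plus-license condition on the `if` line of `dismissal_feedback?` is written out again in `eql?` and twice in the store-report service (`find_or_create_vulnerability_finding` and the block guarding `update_feedbacks`), once through `pipeline.project` and three times through `project`. These call sites have to agree, because they decide whether a finding is matched by signatures or by fingerprint; if one copy drifts, dismissal feedback could presumably be looked up with a different strategy from the one used when the finding was stored. A single predicate would keep them in step, for example a project-level helper returning `::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)`, with this method keeping its extra `!finding.signatures.empty?` check. The method body continues outside the hunk.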
......
...@@ -338,7 +338,7 @@ module Vulnerabilities ...@@ -338,7 +338,7 @@ module Vulnerabilities
def eql?(other) def eql?(other)
return false unless other.report_type == report_type && other.primary_identifier_fingerprint == primary_identifier_fingerprint return false unless other.report_type == report_type && other.primary_identifier_fingerprint == primary_identifier_fingerprint
if ::Feature.enabled?(:vulnerability_finding_signatures, project) if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)
matches_signatures(other.signatures, other.uuid) matches_signatures(other.signatures, other.uuid)
else else
other.location_fingerprint == location_fingerprint other.location_fingerprint == location_fingerprint
......
...@@ -72,7 +72,7 @@ module Security ...@@ -72,7 +72,7 @@ module Security
update_vulnerability_finding(vulnerability_finding, vulnerability_params) update_vulnerability_finding(vulnerability_finding, vulnerability_params)
reset_remediations_for(vulnerability_finding, finding) reset_remediations_for(vulnerability_finding, finding)
if ::Feature.enabled?(:vulnerability_finding_signatures, project) if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)
update_feedbacks(vulnerability_finding, vulnerability_params[:uuid]) update_feedbacks(vulnerability_finding, vulnerability_params[:uuid])
update_finding_signatures(finding, vulnerability_finding) update_finding_signatures(finding, vulnerability_finding)
end end
...@@ -91,7 +91,7 @@ module Security ...@@ -91,7 +91,7 @@ module Security
end end
def find_or_create_vulnerability_finding(finding, create_params) def find_or_create_vulnerability_finding(finding, create_params)
if ::Feature.enabled?(:vulnerability_finding_signatures, project) if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)
find_or_create_vulnerability_finding_with_signatures(finding, create_params) find_or_create_vulnerability_finding_with_signatures(finding, create_params)
else else
find_or_create_vulnerability_finding_with_location(finding, create_params) find_or_create_vulnerability_finding_with_location(finding, create_params)
......
--- ---
name: vulnerability_finding_signatures name: vulnerability_finding_tracking_signatures
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54608 introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54608
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/322044 rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/322044
milestone: '13.11' milestone: '13.11'
......
...@@ -174,7 +174,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do ...@@ -174,7 +174,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
let(:ds_finding) { pipeline.security_reports.reports["dependency_scanning"].findings.first } let(:ds_finding) { pipeline.security_reports.reports["dependency_scanning"].findings.first }
let(:sast_finding) { pipeline.security_reports.reports["sast"].findings.first } let(:sast_finding) { pipeline.security_reports.reports["sast"].findings.first }
context 'when vulnerability_finding_signatures feature flag is disabled' do context 'when vulnerability_finding_tracking_signatures feature flag is disabled' do
let!(:feedback) do let!(:feedback) do
[ [
create( create(
...@@ -201,7 +201,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do ...@@ -201,7 +201,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
end end
before do before do
stub_feature_flags(vulnerability_finding_signatures: false) stub_feature_flags(vulnerability_finding_tracking_signatures: false)
end end
context 'when unscoped' do context 'when unscoped' do
...@@ -231,7 +231,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do ...@@ -231,7 +231,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
end end
end end
context 'when vulnerability_finding_signatures feature flag is enabled' do context 'when vulnerability_finding_tracking_signatures feature flag is enabled' do
let!(:feedback) do let!(:feedback) do
[ [
create( create(
...@@ -248,7 +248,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do ...@@ -248,7 +248,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
end end
before do before do
stub_feature_flags(vulnerability_finding_signatures: true) stub_feature_flags(vulnerability_finding_tracking_signatures: true)
end end
context 'when unscoped' do context 'when unscoped' do
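Review bot: The 'feature flag is enabled' context stubs only the flag, `stub_feature_flags(vulnerability_finding_tracking_signatures: true)`, while the finder now also requires `licensed_feature_available?(:vulnerability_finding_signatures)`. Unless the license is stubbed outside the visible hunks, these examples would run the fingerprint fallback and may still pass, leaving the signature path untested. Adding `stub_licensed_features(vulnerability_finding_signatures: true)` to that `before` block would pin it. The same applies to the `before` blocks in the VulnerabilityReportsComparer and CompareSecurityReportsService specs, which also stub only the flag.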
......
...@@ -13,13 +13,13 @@ RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do ...@@ -13,13 +13,13 @@ RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do
subject { described_class.new(base_report, head_report) } subject { described_class.new(base_report, head_report) }
where(vulnerability_finding_signatures_enabled: [true, false]) where(vulnerability_finding_tracking_signatures_enabled: [true, false])
with_them do with_them do
before do before do
allow(base_vulnerability).to receive(:location).and_return({}) allow(base_vulnerability).to receive(:location).and_return({})
allow(head_vulnerability).to receive(:location).and_return({}) allow(head_vulnerability).to receive(:location).and_return({})
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled) stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_tracking_signatures_enabled)
end end
describe '#base_report_out_of_date' do describe '#base_report_out_of_date' do
......
...@@ -10,7 +10,8 @@ RSpec.describe Vulnerabilities::Finding do ...@@ -10,7 +10,8 @@ RSpec.describe Vulnerabilities::Finding do
where(vulnerability_finding_signatures_enabled: [true, false]) where(vulnerability_finding_signatures_enabled: [true, false])
with_them do with_them do
before do before do
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled) stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_signatures_enabled)
stub_licensed_features(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled)
end end
describe 'associations' do describe 'associations' do
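Review bot: The table at `where(vulnerability_finding_signatures_enabled: [true, false])` drives both the flag stub and the license stub from one variable, so the flag and the license are always on or off together. The two mixed states (flag on without the license, license present with the flag off) are the cases this commit separates, and neither is exercised here or in the StoreReportService spec, which couples them the same way. Two table parameters would cover them, e.g. `stub_feature_flags(vulnerability_finding_tracking_signatures: flag_enabled)` and `stub_licensed_features(vulnerability_finding_signatures: licensed)`, with the expectation that only flag and license together select signature matching. The variable also keeps the old flag name, while the other specs were renamed to `vulnerability_finding_tracking_signatures_enabled`.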
......
...@@ -11,10 +11,10 @@ RSpec.describe Ci::CompareSecurityReportsService do ...@@ -11,10 +11,10 @@ RSpec.describe Ci::CompareSecurityReportsService do
collection.map { |t| t['identifiers'].first['external_id'] } collection.map { |t| t['identifiers'].first['external_id'] }
end end
where(vulnerability_finding_signatures_enabled: [true, false]) where(vulnerability_finding_tracking_signatures_enabled: [true, false])
with_them do with_them do
before do before do
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled) stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_tracking_signatures_enabled)
end end
describe '#execute DS' do describe '#execute DS' do
......
...@@ -24,9 +24,15 @@ RSpec.describe Security::StoreReportService, '#execute' do ...@@ -24,9 +24,15 @@ RSpec.describe Security::StoreReportService, '#execute' do
with_them do with_them do
before do before do
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled) stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_signatures_enabled)
stub_feature_flags(optimize_sql_query_for_security_report: optimize_sql_query_for_security_report_ff) stub_feature_flags(optimize_sql_query_for_security_report: optimize_sql_query_for_security_report_ff)
stub_licensed_features(sast: true, dependency_scanning: true, container_scanning: true, security_dashboard: true) stub_licensed_features(
sast: true,
dependency_scanning: true,
container_scanning: true,
security_dashboard: true,
vulnerability_finding_signatures: vulnerability_finding_signatures_enabled
)
allow(Security::AutoFixWorker).to receive(:perform_async) allow(Security::AutoFixWorker).to receive(:perform_async)
end end
......