Commit 23e02ba2 authored by Lucas Charles's avatar Lucas Charles

fix: Vuln tracking feature flag must be distinct from licensed feature

Rename feature flag for vulnerability tracking so it no longer matches
the licensed feature

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/322044
parent c1071d02
......@@ -114,7 +114,7 @@ module Security
end
def dismissal_feedback?(finding)
if ::Feature.enabled?(:vulnerability_finding_signatures, pipeline.project) && !finding.signatures.empty?
if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, pipeline.project) && pipeline.project.licensed_feature_available?(:vulnerability_finding_signatures) && !finding.signatures.empty?
dismissal_feedback_by_finding_signatures(finding)
else
dismissal_feedback_by_project_fingerprint(finding)
......
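Review bot: The flag-plus-license condition in `dismissal_feedback?` is written out by hand, and the same pair of checks is repeated in `eql?` and in both store-service hunks, using two symbols that differ only by `tracking_`. If one call site later drifts (wrong symbol, or the license half dropped), it will silently take a different matching path from the others, so dismissal feedback could be looked up by a different key than the one used when findings were stored. A single predicate on the project would keep them in step, for example `def vulnerability_finding_signatures_enabled?` returning `::Feature.enabled?(:vulnerability_finding_tracking_signatures, self) && licensed_feature_available?(:vulnerability_finding_signatures)`. The body of `dismissal_feedback?` continues past the visible lines.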
......@@ -338,7 +338,7 @@ module Vulnerabilities
def eql?(other)
return false unless other.report_type == report_type && other.primary_identifier_fingerprint == primary_identifier_fingerprint
if ::Feature.enabled?(:vulnerability_finding_signatures, project)
if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)
matches_signatures(other.signatures, other.uuid)
else
other.location_fingerprint == location_fingerprint
......
......@@ -72,7 +72,7 @@ module Security
update_vulnerability_finding(vulnerability_finding, vulnerability_params)
reset_remediations_for(vulnerability_finding, finding)
if ::Feature.enabled?(:vulnerability_finding_signatures, project)
if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)
update_feedbacks(vulnerability_finding, vulnerability_params[:uuid])
update_finding_signatures(finding, vulnerability_finding)
end
......@@ -91,7 +91,7 @@ module Security
end
def find_or_create_vulnerability_finding(finding, create_params)
if ::Feature.enabled?(:vulnerability_finding_signatures, project)
if ::Feature.enabled?(:vulnerability_finding_tracking_signatures, project) && project.licensed_feature_available?(:vulnerability_finding_signatures)
find_or_create_vulnerability_finding_with_signatures(finding, create_params)
else
find_or_create_vulnerability_finding_with_location(finding, create_params)
......
---
name: vulnerability_finding_signatures
name: vulnerability_finding_tracking_signatures
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54608
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/322044
milestone: '13.11'
......
......@@ -174,7 +174,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
let(:ds_finding) { pipeline.security_reports.reports["dependency_scanning"].findings.first }
let(:sast_finding) { pipeline.security_reports.reports["sast"].findings.first }
context 'when vulnerability_finding_signatures feature flag is disabled' do
context 'when vulnerability_finding_tracking_signatures feature flag is disabled' do
let!(:feedback) do
[
create(
......@@ -201,7 +201,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
end
before do
stub_feature_flags(vulnerability_finding_signatures: false)
stub_feature_flags(vulnerability_finding_tracking_signatures: false)
end
context 'when unscoped' do
......@@ -231,7 +231,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
end
end
context 'when vulnerability_finding_signatures feature flag is enabled' do
context 'when vulnerability_finding_tracking_signatures feature flag is enabled' do
let!(:feedback) do
[
create(
......@@ -248,7 +248,7 @@ RSpec.describe Security::PipelineVulnerabilitiesFinder do
end
before do
stub_feature_flags(vulnerability_finding_signatures: true)
stub_feature_flags(vulnerability_finding_tracking_signatures: true)
end
context 'when unscoped' do
......
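Review bot: The "feature flag is enabled" context stubs only `vulnerability_finding_tracking_signatures: true`, but the finder now also requires `licensed_feature_available?(:vulnerability_finding_signatures)`. Unless that licensed feature is stubbed outside the visible lines, these examples exercise the project-fingerprint fallback and the signature-matching path goes untested. Adding `stub_licensed_features(vulnerability_finding_signatures: true)` to that `before` block would pin the intended branch. The `before` blocks in the VulnerabilityReportsComparer and CompareSecurityReportsService specs also stub only the flag and appear to have the same gap.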
......@@ -13,13 +13,13 @@ RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do
subject { described_class.new(base_report, head_report) }
where(vulnerability_finding_signatures_enabled: [true, false])
where(vulnerability_finding_tracking_signatures_enabled: [true, false])
with_them do
before do
allow(base_vulnerability).to receive(:location).and_return({})
allow(head_vulnerability).to receive(:location).and_return({})
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled)
stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_tracking_signatures_enabled)
end
describe '#base_report_out_of_date' do
......
......@@ -10,7 +10,8 @@ RSpec.describe Vulnerabilities::Finding do
where(vulnerability_finding_signatures_enabled: [true, false])
with_them do
before do
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled)
stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_signatures_enabled)
stub_licensed_features(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled)
end
describe 'associations' do
......
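Review bot: Both stubs in this `before` block are driven by the same `vulnerability_finding_signatures_enabled` value, so only flag-on/license-on and flag-off/license-off are exercised. The mixed states (flag on with no license, license present with the flag off) are the ones this commit separates, and they are never run. Parameterising the two independently, for example `where(signatures_flag: [true, false], signatures_licensed: [true, false])` with each stub fed its own value, would let the spec assert that signature matching is used only when both are true. The `before` block in the StoreReportService spec couples the two stubs in the same way.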
......@@ -11,10 +11,10 @@ RSpec.describe Ci::CompareSecurityReportsService do
collection.map { |t| t['identifiers'].first['external_id'] }
end
where(vulnerability_finding_signatures_enabled: [true, false])
where(vulnerability_finding_tracking_signatures_enabled: [true, false])
with_them do
before do
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled)
stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_tracking_signatures_enabled)
end
describe '#execute DS' do
......
......@@ -24,9 +24,15 @@ RSpec.describe Security::StoreReportService, '#execute' do
with_them do
before do
stub_feature_flags(vulnerability_finding_signatures: vulnerability_finding_signatures_enabled)
stub_feature_flags(vulnerability_finding_tracking_signatures: vulnerability_finding_signatures_enabled)
stub_feature_flags(optimize_sql_query_for_security_report: optimize_sql_query_for_security_report_ff)
stub_licensed_features(sast: true, dependency_scanning: true, container_scanning: true, security_dashboard: true)
stub_licensed_features(
sast: true,
dependency_scanning: true,
container_scanning: true,
security_dashboard: true,
vulnerability_finding_signatures: vulnerability_finding_signatures_enabled
)
allow(Security::AutoFixWorker).to receive(:perform_async)
end
......