Merge branch 'mw/remove-compliance-pipeline-ff' into 'master'

Remove ff_evaluate_group_level_compliance_pipeline feature flag See merge request gitlab-org/gitlab!67984

Merge branch 'mw/remove-compliance-pipeline-ff' into 'master'
Remove ff_evaluate_group_level_compliance_pipeline feature flag See merge request gitlab-org/gitlab!67984
95ef9b02 · Max Woolf · 800a2070 · 8cdef86d · 95ef9b02 · 95ef9b02
Commit 95ef9b02 authored Aug 12, 2021 by Max Woolf
10 changed files
--- a/doc/user/project/settings/index.md
+++ b/doc/user/project/settings/index.md
@@ -60,14 +60,9 @@ read-only view to discourage this behavior.

 #### Compliance pipeline configuration **(ULTIMATE)**

-> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3156) in GitLab 13.9.
-> - [Deployed behind a feature flag](../../feature_flags.md).
+> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3156) in GitLab 13.9, disabled behind `ff_evaluate_group_level_compliance_pipeline` [feature flag](../../../administration/feature_flags.md).
 > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/300324) in GitLab 13.11.
-> - Enabled on GitLab.com.
-> - Recommended for production use.
-
-WARNING:
-This feature might not be available to you. Check the **version history** note above for details.
+> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/331231) in GitLab 14.2.

 Group owners can use the compliance pipeline configuration to define compliance requirements
 such as scans or tests, and enforce them in individual projects.

--- a/ee/app/policies/compliance_management/framework_policy.rb
+++ b/ee/app/policies/compliance_management/framework_policy.rb
@@ -9,8 +9,7 @@ module ComplianceManagement
    end

    condition(:group_level_compliance_pipeline_enabled) do
-      @subject.namespace.feature_available?(:evaluate_group_level_compliance_pipeline) &&
-        Feature.enabled?(:ff_evaluate_group_level_compliance_pipeline, @subject.namespace, default_enabled: :yaml)
+      @subject.namespace.feature_available?(:evaluate_group_level_compliance_pipeline)
    end

    rule { can?(:owner_access) & custom_compliance_frameworks_enabled }.policy do

--- a/ee/app/policies/ee/group_policy.rb
+++ b/ee/app/policies/ee/group_policy.rb
@@ -130,8 +130,7 @@ module EE
      end

      condition(:group_level_compliance_pipeline_available) do
-        @subject.feature_available?(:evaluate_group_level_compliance_pipeline) &&
-          ::Feature.enabled?(:ff_evaluate_group_level_compliance_pipeline, @subject, default_enabled: :yaml)
+        @subject.feature_available?(:evaluate_group_level_compliance_pipeline)
      end

      rule { public_group | logged_in_viewable }.policy do

--- a/ee/config/feature_flags/development/ff_evaluate_group_level_compliance_pipeline.yml
+++ b/ee/config/feature_flags/development/ff_evaluate_group_level_compliance_pipeline.yml
---
-name: ff_evaluate_group_level_compliance_pipeline
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52629
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/300324
-milestone: '13.9'
-type: development
-group: group::compliance
-default_enabled: true
--- a/ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
+++ b/ee/lib/gitlab/ci/pipeline/chain/config/content/compliance.rb
@@ -32,8 +32,7 @@ module Gitlab
              end

              def available?
-                project.feature_available?(:evaluate_group_level_compliance_pipeline) &&
-                  ::Feature.enabled?(:ff_evaluate_group_level_compliance_pipeline, project, default_enabled: :yaml)
+                project.feature_available?(:evaluate_group_level_compliance_pipeline)
              end
            end
          end

--- a/ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
+++ b/ee/spec/lib/gitlab/ci/pipeline/chain/config/content_spec.rb
@@ -36,7 +36,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do

    context 'when feature is available' do
      before do
-        stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
        stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
      end

@@ -82,23 +81,12 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
      end
    end

-    context 'when feature is not available' do
-      using RSpec::Parameterized::TableSyntax
-
-      where(:licensed, :feature_flag) do
-        true  | false
-        false | true
-        false | false
+    context 'when feature is not licensed' do
+      before do
+        stub_licensed_features(evaluate_group_level_compliance_pipeline: false)
      end

-      with_them do
-        before do
-          stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: licensed)
-          stub_licensed_features(evaluate_group_level_compliance_pipeline: feature_flag)
-        end
-
-        it_behaves_like 'does not include compliance pipeline configuration content'
-      end
+      it_behaves_like 'does not include compliance pipeline configuration content'
    end
  end

@@ -107,7 +95,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do

    context 'when feature is available' do
      before do
-        stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
        stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
      end


--- a/ee/spec/policies/group_policy_spec.rb
+++ b/ee/spec/policies/group_policy_spec.rb
@@ -1612,16 +1612,15 @@ RSpec.describe GroupPolicy do
    shared_examples 'compliance framework permissions' do
      using RSpec::Parameterized::TableSyntax

-      where(:role, :licensed, :feature_flag, :admin_mode, :allowed) do
-        :owner      | true  | true  | nil   | true
-        :owner      | false | true  | nil   | false
-        :owner      | false | false | nil   | false
-        :admin      | true  | true  | true  | true
-        :admin      | true  | true  | false | false
-        :maintainer | true  | true  | nil   | false
-        :developer  | true  | true  | nil   | false
-        :reporter   | true  | true  | nil   | false
-        :guest      | true  | true  | nil   | false
+      where(:role, :licensed, :admin_mode, :allowed) do
+        :owner      | true  | nil   | true
+        :owner      | false | nil   | false
+        :admin      | true  | true  | true
+        :admin      | true  | false | false
+        :maintainer | true  | nil   | false
+        :developer  | true  | nil   | false
+        :reporter   | true  | nil   | false
+        :guest      | true  | nil   | false
      end

      with_them do
@@ -1629,7 +1628,6 @@ RSpec.describe GroupPolicy do

        before do
          stub_licensed_features(licensed_feature => licensed)
-          stub_feature_flags(feature_flag_name => feature_flag) if feature_flag_name
          enable_admin_mode!(current_user) if admin_mode
        end

@@ -1648,7 +1646,6 @@ RSpec.describe GroupPolicy do
    context ':admin_compliance_pipeline_configuration' do
      let(:policy) { :admin_compliance_pipeline_configuration }
      let(:licensed_feature) { :evaluate_group_level_compliance_pipeline }
-      let(:feature_flag_name) { :ff_evaluate_group_level_compliance_pipeline }

      include_examples 'compliance framework permissions'
    end

--- a/ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/create_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/create_spec.rb
@@ -65,14 +65,6 @@ RSpec.describe 'Create a Compliance Framework' do
      stub_licensed_features(custom_compliance_frameworks: true, evaluate_group_level_compliance_pipeline: true)
    end

-    context 'pipeline configuration feature is disabled' do
-      before do
-        stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: false)
-      end
-
-      it_behaves_like 'a mutation that returns errors in the response', errors: ['Pipeline configuration full path feature is not available']
-    end
-
    context 'current_user is namespace owner' do
      it_behaves_like 'a mutation that creates a compliance framework'
    end

--- a/ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/update_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/compliance_management/frameworks/update_spec.rb
@@ -91,19 +91,6 @@ RSpec.describe 'Update a compliance framework' do
            expect(mutation_response['errors']).to contain_exactly "Pipeline configuration full path feature is not available"
          end
        end
-
-        context 'when compliance pipeline configuration feature flag is not enabled' do
-          before do
-            stub_licensed_features(custom_compliance_frameworks: true, evaluate_group_level_compliance_pipeline: true)
-            stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: false)
-          end
-
-          it 'returns an error' do
-            subject
-
-            expect(mutation_response['errors']).to contain_exactly "Pipeline configuration full path feature is not available"
-          end
-        end
      end

      context 'current_user is not permitted to update framework' do

--- a/ee/spec/services/ci/create_pipeline_service/compliance_spec.rb
+++ b/ee/spec/services/ci/create_pipeline_service/compliance_spec.rb
@@ -31,7 +31,6 @@ RSpec.describe Ci::CreatePipelineService do
  let(:service) { described_class.new(project, user, { ref: 'master' }) }

  before do
-    stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
    stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
    allow_next(Repository).to receive(:blob_data_at).with(ref_sha, '.compliance-gitlab-ci.yml').and_return(compliance_config)
  end