Commit 95ef9b02 authored by Max Woolf's avatar Max Woolf

Merge branch 'mw/remove-compliance-pipeline-ff' into 'master'

Remove ff_evaluate_group_level_compliance_pipeline feature flag

See merge request gitlab-org/gitlab!67984
parents 800a2070 8cdef86d
......@@ -60,14 +60,9 @@ read-only view to discourage this behavior.
#### Compliance pipeline configuration **(ULTIMATE)**
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3156) in GitLab 13.9.
> - [Deployed behind a feature flag](../../feature_flags.md).
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3156) in GitLab 13.9, disabled behind `ff_evaluate_group_level_compliance_pipeline` [feature flag](../../../administration/feature_flags.md).
> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/300324) in GitLab 13.11.
> - Enabled on GitLab.com.
> - Recommended for production use.
WARNING:
This feature might not be available to you. Check the **version history** note above for details.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/331231) in GitLab 14.2.
Group owners can use the compliance pipeline configuration to define compliance requirements
such as scans or tests, and enforce them in individual projects.
......
......@@ -9,8 +9,7 @@ module ComplianceManagement
end
condition(:group_level_compliance_pipeline_enabled) do
@subject.namespace.feature_available?(:evaluate_group_level_compliance_pipeline) &&
Feature.enabled?(:ff_evaluate_group_level_compliance_pipeline, @subject.namespace, default_enabled: :yaml)
@subject.namespace.feature_available?(:evaluate_group_level_compliance_pipeline)
end
rule { can?(:owner_access) & custom_compliance_frameworks_enabled }.policy do
......
......@@ -130,8 +130,7 @@ module EE
end
condition(:group_level_compliance_pipeline_available) do
@subject.feature_available?(:evaluate_group_level_compliance_pipeline) &&
::Feature.enabled?(:ff_evaluate_group_level_compliance_pipeline, @subject, default_enabled: :yaml)
@subject.feature_available?(:evaluate_group_level_compliance_pipeline)
end
rule { public_group | logged_in_viewable }.policy do
......
---
name: ff_evaluate_group_level_compliance_pipeline
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52629
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/300324
milestone: '13.9'
type: development
group: group::compliance
default_enabled: true
......@@ -32,8 +32,7 @@ module Gitlab
end
def available?
project.feature_available?(:evaluate_group_level_compliance_pipeline) &&
::Feature.enabled?(:ff_evaluate_group_level_compliance_pipeline, project, default_enabled: :yaml)
project.feature_available?(:evaluate_group_level_compliance_pipeline)
end
end
end
......
......@@ -36,7 +36,6 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
context 'when feature is available' do
before do
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
end
......@@ -82,32 +81,20 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
end
end
context 'when feature is not available' do
using RSpec::Parameterized::TableSyntax
where(:licensed, :feature_flag) do
true | false
false | true
false | false
end
with_them do
context 'when feature is not licensed' do
before do
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: licensed)
stub_licensed_features(evaluate_group_level_compliance_pipeline: feature_flag)
stub_licensed_features(evaluate_group_level_compliance_pipeline: false)
end
it_behaves_like 'does not include compliance pipeline configuration content'
end
end
end
context 'when project does not have compliance label defined' do
let(:project) { create(:project, ci_config_path: ci_config_path) }
context 'when feature is available' do
before do
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
end
......
......@@ -1612,16 +1612,15 @@ RSpec.describe GroupPolicy do
shared_examples 'compliance framework permissions' do
using RSpec::Parameterized::TableSyntax
where(:role, :licensed, :feature_flag, :admin_mode, :allowed) do
:owner | true | true | nil | true
:owner | false | true | nil | false
:owner | false | false | nil | false
:admin | true | true | true | true
:admin | true | true | false | false
:maintainer | true | true | nil | false
:developer | true | true | nil | false
:reporter | true | true | nil | false
:guest | true | true | nil | false
where(:role, :licensed, :admin_mode, :allowed) do
:owner | true | nil | true
:owner | false | nil | false
:admin | true | true | true
:admin | true | false | false
:maintainer | true | nil | false
:developer | true | nil | false
:reporter | true | nil | false
:guest | true | nil | false
end
with_them do
......@@ -1629,7 +1628,6 @@ RSpec.describe GroupPolicy do
before do
stub_licensed_features(licensed_feature => licensed)
stub_feature_flags(feature_flag_name => feature_flag) if feature_flag_name
enable_admin_mode!(current_user) if admin_mode
end
......@@ -1648,7 +1646,6 @@ RSpec.describe GroupPolicy do
context ':admin_compliance_pipeline_configuration' do
let(:policy) { :admin_compliance_pipeline_configuration }
let(:licensed_feature) { :evaluate_group_level_compliance_pipeline }
let(:feature_flag_name) { :ff_evaluate_group_level_compliance_pipeline }
include_examples 'compliance framework permissions'
end
......
......@@ -65,14 +65,6 @@ RSpec.describe 'Create a Compliance Framework' do
stub_licensed_features(custom_compliance_frameworks: true, evaluate_group_level_compliance_pipeline: true)
end
context 'pipeline configuration feature is disabled' do
before do
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: false)
end
it_behaves_like 'a mutation that returns errors in the response', errors: ['Pipeline configuration full path feature is not available']
end
context 'current_user is namespace owner' do
it_behaves_like 'a mutation that creates a compliance framework'
end
......
......@@ -91,19 +91,6 @@ RSpec.describe 'Update a compliance framework' do
expect(mutation_response['errors']).to contain_exactly "Pipeline configuration full path feature is not available"
end
end
context 'when compliance pipeline configuration feature flag is not enabled' do
before do
stub_licensed_features(custom_compliance_frameworks: true, evaluate_group_level_compliance_pipeline: true)
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: false)
end
it 'returns an error' do
subject
expect(mutation_response['errors']).to contain_exactly "Pipeline configuration full path feature is not available"
end
end
end
context 'current_user is not permitted to update framework' do
......
......@@ -31,7 +31,6 @@ RSpec.describe Ci::CreatePipelineService do
let(:service) { described_class.new(project, user, { ref: 'master' }) }
before do
stub_feature_flags(ff_evaluate_group_level_compliance_pipeline: true)
stub_licensed_features(evaluate_group_level_compliance_pipeline: true)
allow_next(Repository).to receive(:blob_data_at).with(ref_sha, '.compliance-gitlab-ci.yml').and_return(compliance_config)
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment