Commit b3ebb541 authored by Douglas Barbosa Alexandre's avatar Douglas Barbosa Alexandre

Merge branch 'djadmin-ff-cleanup-dast-configuration-ui' into 'master'

Remove dast_configuration_ui feature flag

See merge request gitlab-org/gitlab!66817
parents 4a7db8d3 31da8512
......@@ -15,7 +15,6 @@ module EE
before_action only: [:show] do
push_frontend_feature_flag(:security_auto_fix, project, default_enabled: false)
push_frontend_feature_flag(:sec_dependency_scanning_ui_enable, project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_configuration_ui, project, default_enabled: :yaml)
end
before_action only: [:auto_fix] do
......
......@@ -11,7 +11,6 @@ module Projects
feature_category :dynamic_application_security_testing
def show
not_found unless Feature.enabled?(:dast_configuration_ui, @project, default_enabled: :yaml)
end
end
end
......
......@@ -212,7 +212,6 @@ module EE
def dast_configuration_variables
::Gitlab::Ci::Variables::Collection.new.tap do |collection|
break collection unless ::Feature.enabled?(:dast_configuration_ui, project, default_enabled: :yaml)
break collection unless (dast_configuration = options[:dast_configuration])
if dast_configuration[:site_profile] && dast_site_profile
......
......@@ -91,7 +91,7 @@ module Projects
def configuration_path(type)
{
sast: project_security_configuration_sast_path(project),
dast: ::Feature.enabled?(:dast_configuration_ui, project, default_enabled: :yaml) ? project_security_configuration_dast_path(project) : nil,
dast: project_security_configuration_dast_path(project),
dast_profiles: project_security_configuration_dast_scans_path(project),
api_fuzzing: project_security_configuration_api_fuzzing_path(project)
}[type]
......
......@@ -17,8 +17,7 @@ module AppSec
private
def allowed?
can?(current_user, :create_on_demand_dast_scan, project) &&
::Feature.enabled?(:dast_configuration_ui, project, default_enabled: :yaml)
can?(current_user, :create_on_demand_dast_scan, project)
end
def errors
......
---
name: dast_configuration_ui
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62014
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/330728
milestone: '14.1'
type: development
group: group::dynamic analysis
default_enabled: true
......@@ -58,20 +58,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Seed::Build do
it_behaves_like 'an insufficient permissions error'
end
context 'when the feature is not enabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
end
it_behaves_like 'it does not change build attributes'
it_behaves_like 'an insufficient permissions error'
end
context 'when the feature is enabled' do
before do
stub_feature_flags(dast_configuration_ui: true)
end
context 'dast configuration' do
shared_examples 'it looks up dast profiles in the database' do |dast_profile_name_key|
let(:profile_name) { public_send(dast_profile_name_key) }
......
......@@ -195,16 +195,6 @@ RSpec.describe Ci::Build do
end
end
end
context 'when feature is disabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
end
it_behaves_like 'it excludes variables' do
let(:expected_variables) { dast_site_profile.ci_variables.concat(dast_site_profile.secret_ci_variables(user)) }
end
end
end
context 'when there is a dast_scanner_profile associated with the job' do
......@@ -216,16 +206,6 @@ RSpec.describe Ci::Build do
let(:expected_variables) { dast_scanner_profile.ci_variables }
end
end
context 'when feature is disabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
end
it_behaves_like 'it excludes variables' do
let(:expected_variables) { dast_scanner_profile.ci_variables }
end
end
end
context 'when there are profiles associated with the job' do
......
......@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastConfigurationController, type: :request d
describe 'GET #show' do
before do
stub_licensed_features(security_dashboard: true)
stub_feature_flags(dast_configuration_ui: true)
login_as(user)
end
......@@ -60,19 +59,6 @@ RSpec.describe Projects::Security::DastConfigurationController, type: :request d
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'feature flag is disabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
project.add_developer(user)
end
it 'sees a 404 error' do
get project_security_configuration_dast_path(project)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
end
end
......@@ -74,60 +74,44 @@ RSpec.describe Ci::CreatePipelineService do
allow(project).to receive(:licensed_features).and_return(project_features << :dast)
end
context 'when the feature is not enabled' do
before do
stub_feature_flags(dast_configuration_ui: false)
context 'when the stage is dast' do
it 'persists dast_configuration in build options' do
expect(dast_build.options).to include(dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name })
end
it 'communicates failure' do
expect(subject.yaml_errors).to eq('Insufficient permissions for dast_configuration keyword')
it 'expands the dast variables' do
expect(dast_variables).to include(*dast_variables)
end
end
context 'when the feature is enabled' do
before do
stub_feature_flags(dast_configuration_ui: true)
end
context 'when the stage is dast' do
it 'persists dast_configuration in build options' do
expect(dast_build.options).to include(dast_configuration: { site_profile: dast_site_profile.name, scanner_profile: dast_scanner_profile.name })
end
it 'expands the dast variables' do
expect(dast_variables).to include(*dast_variables)
end
context 'when the user has permission' do
it 'expands the secret dast variables' do
expect(dast_variables).to include(*dast_secret_variables)
end
context 'when the user has permission' do
it 'expands the secret dast variables' do
expect(dast_variables).to include(*dast_secret_variables)
end
end
shared_examples 'a missing profile' do
it 'communicates failure' do
expect(subject.yaml_errors).to eq("DAST profile not found: #{profile.name}")
end
shared_examples 'a missing profile' do
it 'communicates failure' do
expect(subject.yaml_errors).to eq("DAST profile not found: #{profile.name}")
end
end
context 'when the site profile does not exist' do
let(:dast_site_profile) { double(DastSiteProfile, name: SecureRandom.hex) }
let(:profile) { dast_site_profile }
context 'when the site profile does not exist' do
let(:dast_site_profile) { double(DastSiteProfile, name: SecureRandom.hex) }
let(:profile) { dast_site_profile }
it_behaves_like 'a missing profile'
end
it_behaves_like 'a missing profile'
end
context 'when the scanner profile does not exist' do
let(:dast_scanner_profile) { double(DastScannerProfile, name: SecureRandom.hex) }
let(:profile) { dast_scanner_profile }
context 'when the scanner profile does not exist' do
let(:dast_scanner_profile) { double(DastScannerProfile, name: SecureRandom.hex) }
let(:profile) { dast_scanner_profile }
it_behaves_like 'a missing profile'
end
it_behaves_like 'a missing profile'
end
end
context 'when the stage is not dast' do
it_behaves_like 'it does not expand the dast variables'
end
context 'when the stage is not dast' do
it_behaves_like 'it does not expand the dast variables'
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment