Added tests for License Compliance

Added necessary page objects and selectors for these tests

app/assets/javascripts/reports/components/issue_status_icon.vue

@@ -50,6 +50,6 @@ export default {
     }"
     class="report-block-list-icon"
   >
-    <icon :name="iconName" :size="statusIconSize" />
+    <icon :name="iconName" :size="statusIconSize" :data-qa-selector="`status_${status}_icon`" />
   </div>
 </template>

app/assets/javascripts/reports/components/report_item.vue

@@ -46,6 +46,7 @@ export default {
   <li
     :class="{ 'is-dismissed': issue.isDismissed }"
     class="report-block-list-issue align-items-center"
+    data-qa-selector="report_item_row"
   >
     <issue-status-icon
       v-if="showReportSectionStatusIcon"

ee/app/assets/javascripts/vue_shared/license_management/components/add_license_form.vue

@@ -72,6 +72,7 @@ export default {
           v-model="approvalStatus"
           class="form-check-input"
           type="radio"
+          :data-qa-selector="`${option.value}_license_radio`"
           :value="option.value"
         />
         <label :for="`js-${option.value}-license-radio`" class="form-check-label">
@@ -79,7 +80,13 @@ export default {
         </label>
       </div>
     </div>
-    <gl-button class="js-submit" variant="default" :disabled="submitDisabled" @click="addLicense">
+    <gl-button
+      class="js-submit"
+      variant="default"
+      :disabled="submitDisabled"
+      data-qa-selector="add_license_submit_button"
+      @click="addLicense"
+    >
       {{ s__('LicenseCompliance|Submit') }}
     </gl-button>
     <gl-button class="js-cancel" variant="default" @click="closeForm">

ee/app/assets/javascripts/vue_shared/license_management/components/license_management_row.vue

@@ -57,7 +57,7 @@ export default {
 <template>
   <div>
     <issue-status-icon :status="status" class="float-left append-right-default" />
-    <span class="js-license-name">{{ license.name }}</span>
+    <span class="js-license-name" data-qa-selector="license_name_content">{{ license.name }}</span>
     <div class="float-right">
       <div class="d-flex">
         <gl-dropdown

ee/app/assets/javascripts/vue_shared/license_management/license_management.vue

@@ -66,12 +66,14 @@ export default {
       :empty-search-message="$options.emptySearchMessage"
       :empty-message="$options.emptyMessage"
       filter="name"
+      data-qa-selector="license_compliance_list"
     >
       <template #header>
         <gl-button
           class="js-open-form order-1"
           :disabled="formIsOpen"
           variant="success"
+          data-qa-selector="license_add_button"
           @click="openAddLicenseForm"
         >
           {{ s__('LicenseCompliance|Add a license') }}

ee/app/views/projects/pipelines/_tabs_holder.html.haml

@@ -3,12 +3,12 @@
 
 - if pipeline.expose_security_dashboard?
   %li.js-security-tab-link
-    = link_to security_project_pipeline_path(project, pipeline), data: { target: '#js-tab-security', action: 'security', toggle: 'tab' }, class: 'security-tab', 'data-qa-selector': 'security_tab' do
+    = link_to security_project_pipeline_path(project, pipeline), data: { target: '#js-tab-security', action: 'security', toggle: 'tab', qa_selector: 'security_tab' }, class: 'security-tab' do
       = _("Security")
       %span.badge.badge-pill.js-security-counter.hidden{ 'data-qa-selector': 'security_counter' }
 
 - if pipeline.expose_license_scanning_data?
   %li.js-licenses-tab-link
-    = link_to licenses_project_pipeline_path(project, pipeline), data: { target: '#js-tab-licenses', action: 'licenses', toggle: 'tab' }, class: 'licenses-tab' do
+    = link_to licenses_project_pipeline_path(project, pipeline), data: { target: '#js-tab-licenses', action: 'licenses', toggle: 'tab', qa_selector: 'licenses_tab' }, class: 'licenses-tab' do
       = _("Licenses")
-      %span.badge.badge-pill.js-licenses-counter.hidden
+      %span.badge.badge-pill.js-licenses-counter.hidden{ data: { qa_selector: 'licenses_counter' } }

ee/app/views/projects/settings/ci_cd/_managed_licenses.html.haml

 - return unless @project.feature_available?(:license_management)
 - expanded = expanded_by_default?
 
-%section.settings.no-animate#js-license-management{ class: ('expanded' if expanded) }
+%section.settings.no-animate#js-license-management{ class: ('expanded' if expanded), data: { qa_selector: 'license_compliance_settings_content' } }
   .settings-header
     %h4
       = s_('LicenseCompliance|License Compliance')

qa/qa/ee.rb

@@ -112,6 +112,8 @@ module QA
           autoload :Integrations, 'qa/ee/page/project/settings/integrations'
           autoload :Repository, 'qa/ee/page/project/settings/repository'
           autoload :PushRules, 'qa/ee/page/project/settings/push_rules'
+          autoload :CICD, 'qa/ee/page/project/settings/ci_cd.rb'
+          autoload :LicenseCompliance, 'qa/ee/page/project/settings/license_compliance.rb'
 
           module Services
             autoload :Jenkins, 'qa/ee/page/project/settings/services/jenkins'

qa/qa/ee/fixtures/secure_premade_reports/.gitlab-ci.yml

@@ -3,6 +3,7 @@ include:
   template: Container-Scanning.gitlab-ci.yml
   template: SAST.gitlab-ci.yml
   template: DAST.gitlab-ci.yml
+  template: License-Management.gitlab-ci.yml
 
 dependency_scanning:
   tags:
@@ -48,3 +49,13 @@ dast:
   artifacts:
     reports:
       dast: gl-dast-report.json
+
+license_management:
+  tags:
+    - qa
+    - test
+  script:
+    - echo "Skipped"
+  artifacts:
+    reports:
+      license_management: gl-license-management-report.json

qa/qa/ee/fixtures/secure_premade_reports/gl-license-management-report.json

+{
+    "licenses": [
+        {
+            "count": 1,
+            "name": "WTFPL"
+        },
+        {
+            "count": 1,
+            "name": "MIT"
+        }
+    ],
+    "dependencies": [
+        {
+            "license": {
+                "name": "MIT",
+                "url": "http://opensource.org/licenses/mit-license"
+            },
+            "dependency": {
+                "name": "actioncable",
+                "url": "http://rubyonrails.org",
+                "description": "WebSocket framework for Rails.",
+                "paths": [
+                    "."
+                ]
+            }
+        },
+        {
+            "license": {
+                "name": "WTFPL",
+                "url": "http://www.wtfpl.net/"
+            },
+            "dependency": {
+                "name": "wtfpl_init",
+                "url": "https://rubygems.org/gems/wtfpl_init",
+                "description": "Download WTFPL license file and rename to LICENSE.md or something",
+                "paths": [
+                    "."
+                ]
+            }
+        }
+    ]
+}

qa/qa/ee/page/merge_request/show.rb

@@ -113,7 +113,9 @@ module QA
           end
 
           def expand_vulnerability_report
-            click_element :expand_report_button
+            within_element :vulnerability_report_grouped do
+              click_element :expand_report_button
+            end
           end
 
           def click_vulnerability(name)

qa/qa/ee/page/project/pipeline/show.rb

@@ -5,6 +5,13 @@ module QA::EE::Page
     module Show
       def self.prepended(page)
         page.module_eval do
+          view 'ee/app/views/projects/pipelines/_tabs_holder.html.haml' do
+            element :security_tab
+            element :security_counter
+            element :licenses_tab
+            element :licenses_counter
+          end
+
           view 'ee/app/assets/javascripts/security_dashboard/components/filter.vue' do
             element :filter_dropdown, ':data-qa-selector="qaSelector"' # rubocop:disable QA/ElementWithPattern
             element :filter_dropdown_content
@@ -14,6 +21,14 @@ module QA::EE::Page
             element :security_tab
             element :security_counter
           end
+
+          view 'app/assets/javascripts/reports/components/report_item.vue' do
+            element :report_item_row
+          end
+
+          view 'app/assets/javascripts/reports/components/issue_status_icon.vue' do
+            element :icon_status, ':data-qa-selector="`status_${status}_icon`" ' # rubocop:disable QA/ElementWithPattern
+          end
         end
       end
 
@@ -33,6 +48,26 @@ module QA::EE::Page
         # Click the dropdown to close the modal and ensure it isn't open if this function is called again
         click_element(:filter_report_type_dropdown)
       end
+
+      def click_on_licenses
+        click_element(:licenses_tab)
+      end
+
+      def has_license_count_of?(count)
+        find_element(:licenses_counter).has_content?(count)
+      end
+
+      def has_approved_license?(name)
+        within_element(:report_item_row, text: name) do
+          has_element?(:status_success_icon)
+        end
+      end
+
+      def has_blacklisted_license?(name)
+        within_element(:report_item_row, text: name) do
+          has_element?(:status_failed_icon)
+        end
+      end
     end
   end
 end

qa/qa/ee/page/project/settings/ci_cd.rb

+# frozen_string_literal: true
+
+module QA::EE
+  module Page
+    module Project
+      module Settings
+        module CICD
+          def self.prepended(page)
+            page.module_eval do
+              view 'ee/app/views/projects/settings/ci_cd/_managed_licenses.html.haml' do
+                element :license_compliance_settings_content
+              end
+            end
+          end
+
+          def expand_license_compliance(&block)
+            expand_section(:license_compliance_settings_content) do
+              Settings::LicenseCompliance.perform(&block)
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/ee/page/project/settings/license_compliance.rb

+# frozen_string_literal: true
+
+module QA::EE
+  module Page
+    module Project
+      module Settings
+        class LicenseCompliance < QA::Page::Base
+          include QA::Page::Component::Select2 # Select2 is an external library, so we can't add our own selectors
+
+          view 'ee/app/assets/javascripts/vue_shared/license_management/license_management.vue' do
+            element :license_add_button
+          end
+
+          view 'ee/app/assets/javascripts/vue_shared/license_management/components/add_license_form.vue' do
+            element :license_radio, 'data-qa-selector="`${option.value}_license_radio`"' # rubocop:disable QA/ElementWithPattern
+            element :add_license_submit_button
+          end
+
+          view 'ee/app/assets/javascripts/vue_shared/license_management/license_management.vue' do
+            element :license_compliance_list
+          end
+
+          view 'ee/app/assets/javascripts/vue_shared/license_management/components/license_management_row.vue' do
+            element :license_name_content
+          end
+
+          def approve_license(license)
+            click_element :license_add_button
+            expand_select_list
+            search_and_select license
+            click_element :approved_license_radio
+            click_element :add_license_submit_button
+
+            within_element :license_compliance_list do
+              has_element?(:license_name_content, text: license)
+            end
+          end
+
+          def deny_license(license)
+            click_element :license_add_button
+            expand_select_list
+            search_and_select license
+            click_element :blacklisted_license_radio
+            click_element :add_license_submit_button
+
+            within_element :license_compliance_list do
+              has_element?(:license_name_content, text: license)
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/page/project/settings/ci_cd.rb

@@ -35,3 +35,5 @@ module QA
     end
   end
 end
+
+QA::Page::Project::Settings::CICD.prepend_if_ee('QA::EE::Page::Project::Settings::CICD')

qa/qa/specs/features/ee/browser_ui/secure/license_compliance_spec.rb

+# frozen_string_literal: true
+
+require 'pathname'
+
+module QA
+  context 'Secure', :docker do
+    describe 'License Compliance' do
+      let(:number_of_licenses_in_fixture) { 2 }
+      let(:approved_license_name) { "MIT" }
+      let(:denied_license_name) { "WTFPL" }
+
+      after do
+        Service::DockerRun::GitlabRunner.new(@executor).remove!
+      end
+
+      before do
+        @executor = "qa-runner-#{Time.now.to_i}"
+
+        # Handle WIP Job Logs flag - https://gitlab.com/gitlab-org/gitlab/issues/31162
+        @job_log_json_flag_enabled = Runtime::Feature.enabled?('job_log_json')
+        Runtime::Feature.disable('job_log_json') if @job_log_json_flag_enabled
+
+        Runtime::Browser.visit(:gitlab, Page::Main::Login)
+        Page::Main::Login.perform(&:sign_in_using_credentials)
+
+        @project = Resource::Project.fabricate_via_api! do |project|
+          project.name = Runtime::Env.auto_devops_project_name || 'project-with-secure'
+          project.description = 'Project with Secure'
+        end
+
+        Resource::Runner.fabricate! do |runner|
+          runner.project = @project
+          runner.name = @executor
+          runner.tags = %w[qa test]
+        end
+
+        # Push fixture to generate Secure reports
+        Resource::Repository::ProjectPush.fabricate! do |project_push|
+          project_push.project = @project
+          project_push.directory = Pathname
+            .new(__dir__)
+            .join('../../../../../ee/fixtures/secure_premade_reports')
+          project_push.commit_message = 'Create Secure compatible application to serve premade reports'
+        end.project.visit!
+
+        Page::Project::Menu.perform(&:go_to_ci_cd_settings)
+        Page::Project::Settings::CICD.perform(&:expand_license_compliance)
+        QA::EE::Page::Project::Settings::LicenseCompliance.perform do |license_compliance|
+          license_compliance.approve_license approved_license_name
+          license_compliance.deny_license denied_license_name
+        end
+
+        Page::Project::Menu.perform(&:click_ci_cd_pipelines)
+        Page::Project::Pipeline::Index.perform(&:click_on_latest_pipeline)
+
+        wait_for_job "license_management"
+      end
+
+      it 'displays license approval status in the pipeline' do
+        Page::Project::Menu.perform(&:click_ci_cd_pipelines)
+        Page::Project::Pipeline::Index.perform(&:click_on_latest_pipeline)
+
+        Page::Project::Pipeline::Show.perform do |pipeline|
+          pipeline.click_on_licenses
+
+          expect(pipeline).to have_license_count_of number_of_licenses_in_fixture
+          expect(pipeline).to have_approved_license approved_license_name
+          expect(pipeline).to have_blacklisted_license denied_license_name
+        end
+      end
+    end
+
+    def wait_for_job(job_name)
+      Page::Project::Pipeline::Show.perform do |pipeline|
+        pipeline.click_job(job_name)
+      end
+      Page::Project::Job::Show.perform do |job|
+        expect(job).to be_successful(timeout: 600)
+      end
+    end
+  end
+end