Commit e05cdb13 authored by Max Woolf's avatar Max Woolf

Merge branch '299114-drop-flag' into 'master'

Drop license_management artifact [RUN ALL RSPEC] [RUN AS-IF-FOSS]

See merge request gitlab-org/gitlab!62302
parents bd3bdd14 f385377c
......@@ -18,7 +18,6 @@ module Ci
ACCESSIBILITY_REPORT_FILE_TYPES = %w[accessibility].freeze
NON_ERASABLE_FILE_TYPES = %w[trace].freeze
TERRAFORM_REPORT_FILE_TYPES = %w[terraform].freeze
UNSUPPORTED_FILE_TYPES = %i[license_management].freeze
SAST_REPORT_TYPES = %w[sast].freeze
SECRET_DETECTION_REPORT_TYPES = %w[secret_detection].freeze
DEFAULT_FILE_NAMES = {
......@@ -35,7 +34,6 @@ module Ci
dependency_scanning: 'gl-dependency-scanning-report.json',
container_scanning: 'gl-container-scanning-report.json',
dast: 'gl-dast-report.json',
license_management: 'gl-license-management-report.json',
license_scanning: 'gl-license-scanning-report.json',
performance: 'performance.json',
browser_performance: 'browser-performance.json',
......@@ -74,7 +72,6 @@ module Ci
dependency_scanning: :raw,
container_scanning: :raw,
dast: :raw,
license_management: :raw,
license_scanning: :raw,
# All these file formats use `raw` as we need to store them uncompressed
......@@ -102,7 +99,6 @@ module Ci
dependency_scanning
dotenv
junit
license_management
license_scanning
lsif
metrics
......@@ -124,7 +120,6 @@ module Ci
mount_file_store_uploader JobArtifactUploader
validates :file_format, presence: true, unless: :trace?, on: :create
validate :validate_supported_file_format!, on: :create
validate :validate_file_format!, unless: :trace?, on: :create
before_save :set_size, if: :file_changed?
......@@ -199,8 +194,7 @@ module Ci
container_scanning: 7, ## EE-specific
dast: 8, ## EE-specific
codequality: 9, ## EE-specific
license_management: 10, ## EE-specific
license_scanning: 101, ## EE-specific till 13.0
license_scanning: 101, ## EE-specific
performance: 11, ## EE-specific till 13.2
metrics: 12, ## EE-specific
metrics_referee: 13, ## runner referees
......@@ -233,14 +227,6 @@ module Ci
hashed_path: 2
}
def validate_supported_file_format!
return if Feature.disabled?(:drop_license_management_artifact, project, default_enabled: true)
if UNSUPPORTED_FILE_TYPES.include?(self.file_type&.to_sym)
errors.add(:base, _("File format is no longer supported"))
end
end
def validate_file_format!
unless TYPE_AND_FORMAT_PAIRS[self.file_type&.to_sym] == self.file_format&.to_sym
errors.add(:base, _('Invalid file format with specified file type'))
......
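Review bot: Enum value 10 is left unassigned in `file_types` once `license_management: 10` is dropped, and nothing on this page migrates or deletes `ci_job_artifacts` rows that already store it. With a Rails enum such rows would presumably load with a nil `file_type` and fall outside every `file_type`-based scope, and a later report type that reuses 10 would silently adopt them. I would keep a marker in the enum, e.g. `# 10 was license_management (removed); do not reuse`, and confirm separately how stale rows are cleaned up. The same concern applies to the narrowed `LICENSE_SCANNING_REPORT_FILE_TYPES` in the EE hunk further down, which stops `license_scanning_reports` from returning those stored artifacts. `validate_file_format!` continues past the end of the last hunk here.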
---
name: drop_license_management_artifact
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/31247
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/299114
milestone: 13.0
type: development
group: group::composition analysis
default_enabled: true
......@@ -14310,7 +14310,6 @@ Iteration ID wildcard values.
| <a id="jobartifactfiletypedependency_scanning"></a>`DEPENDENCY_SCANNING` | DEPENDENCY SCANNING job artifact file type. |
| <a id="jobartifactfiletypedotenv"></a>`DOTENV` | DOTENV job artifact file type. |
| <a id="jobartifactfiletypejunit"></a>`JUNIT` | JUNIT job artifact file type. |
| <a id="jobartifactfiletypelicense_management"></a>`LICENSE_MANAGEMENT` | LICENSE MANAGEMENT job artifact file type. |
| <a id="jobartifactfiletypelicense_scanning"></a>`LICENSE_SCANNING` | LICENSE SCANNING job artifact file type. |
| <a id="jobartifactfiletypeload_performance"></a>`LOAD_PERFORMANCE` | LOAD PERFORMANCE job artifact file type. |
| <a id="jobartifactfiletypelsif"></a>`LSIF` | LSIF job artifact file type. |
......
......@@ -3478,22 +3478,6 @@ concatenate them into a single file. Use a filename pattern (`junit: rspec-*.xml
an array of filenames (`junit: [rspec-1.xml, rspec-2.xml, rspec-3.xml]`), or a
combination thereof (`junit: [rspec.xml, test-results/TEST-*.xml]`).
##### `artifacts:reports:license_management` **(ULTIMATE)**
> - Introduced in GitLab 11.5.
> - Requires GitLab Runner 11.5 and above.
WARNING:
This artifact is still valid but is **deprecated** in favor of the
[artifacts:reports:license_scanning](#artifactsreportslicense_scanning)
introduced in GitLab 12.8.
The `license_management` report collects [Licenses](../../user/compliance/license_compliance/index.md)
as artifacts.
The collected License Compliance report uploads to GitLab as an artifact and is summarized in merge requests and the pipeline view. It's also used to provide data for security
dashboards.
##### `artifacts:reports:license_scanning` **(ULTIMATE)**
> - Introduced in GitLab 12.8.
......
......@@ -186,7 +186,7 @@ The jobs are separated into stages:
- Jobs suffixed with `-sast` run static analysis on the current code to check for potential
security issues, and are allowed to fail ([Auto SAST](stages.md#auto-sast)) **(ULTIMATE)**
- The `secret-detection` job checks for leaked secrets and is allowed to fail ([Auto Secret Detection](stages.md#auto-secret-detection)) **(ULTIMATE)**
- The `license_management` job searches the application's dependencies to determine each of their
- The `license_scanning` job searches the application's dependencies to determine each of their
licenses and is allowed to fail
([Auto License Compliance](stages.md#auto-license-compliance)) **(ULTIMATE)**
......
......@@ -16,7 +16,7 @@ module EE
after_destroy :log_geo_deleted_event
SECURITY_REPORT_FILE_TYPES = %w[sast secret_detection dependency_scanning container_scanning dast coverage_fuzzing api_fuzzing].freeze
LICENSE_SCANNING_REPORT_FILE_TYPES = %w[license_management license_scanning].freeze
LICENSE_SCANNING_REPORT_FILE_TYPES = %w[license_scanning].freeze
DEPENDENCY_LIST_REPORT_FILE_TYPES = %w[dependency_scanning].freeze
METRICS_REPORT_FILE_TYPES = %w[metrics].freeze
CONTAINER_SCANNING_REPORT_TYPES = %w[container_scanning].freeze
......
......@@ -50,7 +50,6 @@ module EE
performance: %i[merge_request_performance_metrics],
browser_performance: %i[merge_request_performance_metrics],
load_performance: %i[merge_request_performance_metrics],
license_management: %i[license_scanning],
license_scanning: %i[license_scanning],
metrics: %i[metrics_reports],
requirements: %i[requirements],
......@@ -112,9 +111,9 @@ module EE
end
def license_scanning_report
::Gitlab::Ci::Reports::LicenseScanning::Report.new.tap do |license_management_report|
::Gitlab::Ci::Reports::LicenseScanning::Report.new.tap do |license_scanning_report|
latest_report_builds(::Ci::JobArtifact.license_scanning_reports).each do |build|
build.collect_license_scanning_reports!(license_management_report)
build.collect_license_scanning_reports!(license_scanning_report)
end
end
end
......
......@@ -9,7 +9,6 @@ module EE
class_methods do
def parsers
super.merge({
license_management: ::Gitlab::Ci::Parsers::LicenseCompliance::LicenseScanning,
license_scanning: ::Gitlab::Ci::Parsers::LicenseCompliance::LicenseScanning,
dependency_scanning: ::Gitlab::Ci::Parsers::Security::DependencyScanning,
container_scanning: ::Gitlab::Ci::Parsers::Security::ContainerScanning,
......
......@@ -6,7 +6,7 @@ FactoryBot.define do
failure_reason { Ci::Build.failure_reasons[:protected_environment_failure] }
end
%i[api_fuzzing codequality container_scanning dast dependency_scanning license_management license_scanning performance browser_performance load_performance sast secret_detection coverage_fuzzing].each do |report_type|
%i[api_fuzzing codequality container_scanning dast dependency_scanning license_scanning performance browser_performance load_performance sast secret_detection coverage_fuzzing].each do |report_type|
trait "legacy_#{report_type}".to_sym do
success
artifacts
......
......@@ -189,18 +189,6 @@ FactoryBot.define do
end
end
trait :license_management do
to_create { |instance| instance.save!(validate: false) }
file_type { :license_management }
file_format { :raw }
after(:build) do |artifact, _|
artifact.file = fixture_file_upload(
Rails.root.join('ee/spec/fixtures/security_reports/deprecated/gl-license-management-report.json'), 'application/json')
end
end
trait :license_scanning do
file_type { :license_scanning }
file_format { :raw }
......
......@@ -2,7 +2,7 @@
FactoryBot.define do
factory :ee_ci_pipeline, class: 'Ci::Pipeline', parent: :ci_pipeline do
%i[api_fuzzing browser_performance codequality container_scanning coverage_fuzzing dast dependency_list dependency_scanning license_management license_scanning load_performance sast secret_detection].each do |report_type|
%i[api_fuzzing browser_performance codequality container_scanning coverage_fuzzing dast dependency_list dependency_scanning license_scanning load_performance sast secret_detection].each do |report_type|
trait "with_#{report_type}_report".to_sym do
status { :success }
......
......@@ -73,18 +73,6 @@ FactoryBot.define do
factory :merge_request_with_approver, parent: :merge_request, traits: [:with_approver]
factory :ee_merge_request, parent: :merge_request do
trait :with_license_management_reports do
after(:build) do |merge_request|
merge_request.head_pipeline = build(
:ee_ci_pipeline,
:success,
:with_license_management_report,
project: merge_request.source_project,
ref: merge_request.source_branch,
sha: merge_request.diff_head_sha)
end
end
trait :with_license_scanning_reports do
after(:build) do |merge_request|
merge_request.head_pipeline = build(
......
......@@ -99,7 +99,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::DependencyList do
end
describe '#parse_licenses!' do
let(:artifact) { create(:ee_ci_job_artifact, :license_management) }
let(:artifact) { create(:ee_ci_job_artifact, :license_scanning) }
let(:dependency_info) { build(:dependency, :nokogiri, :with_vulnerabilities) }
before do
......
......@@ -33,12 +33,6 @@ RSpec.describe Ci::Build do
let(:artifact) { build.job_artifacts.first }
context 'with old license_management artifact' do
let!(:license_artifact) { create(:ee_ci_job_artifact, :license_management, job: job, project: job.project) }
it { expect(artifact.file_type).to eq 'license_management' }
end
context 'with new license_scanning artifact' do
let!(:license_artifact) { create(:ee_ci_job_artifact, :license_scanning, job: job, project: job.project) }
......@@ -317,7 +311,7 @@ RSpec.describe Ci::Build do
stub_licensed_features(license_scanning: true)
end
context 'when there is a new type report' do
context 'when there is a report' do
before do
create(:ee_ci_job_artifact, :license_scanning, job: job, project: job.project)
end
......@@ -331,20 +325,6 @@ RSpec.describe Ci::Build do
end
end
context 'when there is an old type report' do
before do
create(:ee_ci_job_artifact, :license_management, job: job, project: job.project)
end
it 'parses blobs and add the results to the report' do
expect { subject }.not_to raise_error
expect(license_scanning_report.licenses.count).to eq(4)
expect(license_scanning_report.licenses.map(&:name)).to contain_exactly("Apache 2.0", "MIT", "New BSD", "unknown")
expect(license_scanning_report.licenses.find { |x| x.name == 'MIT' }.dependencies.count).to eq(52)
end
end
context 'when there is a corrupted report' do
before do
create(:ee_ci_job_artifact, :license_scan, :with_corrupted_data, job: job, project: job.project)
......
......@@ -99,15 +99,11 @@ RSpec.describe Ci::Pipeline do
before do
stub_licensed_features(license_scanning: true)
stub_feature_flags(drop_license_management_artifact: false)
create(:ee_ci_build, :license_scanning, pipeline: pipeline)
end
[:license_scanning, :license_management].each do |artifact_type|
let!(:build) { create(:ee_ci_build, artifact_type, pipeline: pipeline) }
it { is_expected.to be_truthy }
end
end
describe '#security_reports' do
subject { pipeline.security_reports }
......
......@@ -26,19 +26,11 @@ RSpec.describe Ci::JobArtifact do
describe '.license_scanning_reports' do
subject { Ci::JobArtifact.license_scanning_reports }
context 'when there is a license management report' do
let!(:artifact) { create(:ee_ci_job_artifact, :license_management) }
let_it_be(:artifact) { create(:ee_ci_job_artifact, :license_scanning) }
it { is_expected.to eq([artifact]) }
end
context 'when there is a license scanning report' do
let!(:artifact) { create(:ee_ci_job_artifact, :license_scanning) }
it { is_expected.to eq([artifact]) }
end
end
describe '.metrics_reports' do
subject { Ci::JobArtifact.metrics_reports }
......@@ -139,7 +131,7 @@ RSpec.describe Ci::JobArtifact do
subject { Ci::JobArtifact.associated_file_types_for(file_type) }
where(:file_type, :result) do
'license_scanning' | %w(license_management license_scanning)
'license_scanning' | %w(license_scanning)
'codequality' | %w(codequality)
'browser_performance' | %w(browser_performance performance)
'load_performance' | %w(load_performance)
......
......@@ -281,7 +281,6 @@ RSpec.describe MergeRequest do
:container_scanning | :with_container_scanning_reports | :container_scanning
:dast | :with_dast_reports | :dast
:dependency_scanning | :with_dependency_scanning_reports | :dependency_scanning
:license_scanning | :with_license_management_reports | :license_scanning
:license_scanning | :with_license_scanning_reports | :license_scanning
:coverage_fuzzing | :with_coverage_fuzzing_reports | :coverage_fuzzing
:secret_detection | :with_secret_detection_reports | :secret_detection
......@@ -292,7 +291,6 @@ RSpec.describe MergeRequest do
subject { merge_request.enabled_reports[report_type] }
before do
stub_feature_flags(drop_license_management_artifact: false)
stub_licensed_features({ feature => true })
end
......
......@@ -73,50 +73,23 @@ RSpec.describe Ci::SyncReportsToApprovalRulesService, '#execute' do
context "license compliance policy" do
let!(:license_compliance_rule) { create(:report_approver_rule, :license_scanning, merge_request: merge_request, approvals_required: 1) }
before do
stub_feature_flags(drop_license_management_artifact: false)
end
context "when a license violates the license compliance policy" do
let!(:software_license_policy) { create(:software_license_policy, :denied, project: project, software_license: denied_license) }
let!(:ci_build) { create(:ee_ci_build, :success, :license_scanning, pipeline: pipeline, project: project) }
let(:denied_license) { create(:software_license, name: license_name) }
let(:license_name) { ci_build.pipeline.license_scanning_report.license_names[0] }
context 'with a new report' do
let!(:ci_build) { create(:ee_ci_build, :success, :license_scanning, pipeline: pipeline, project: project) }
specify { expect { subject }.not_to change { license_compliance_rule.reload.approvals_required } }
specify { expect(subject[:status]).to be(:success) }
end
context 'with an old report' do
let!(:ci_build) { create(:ee_ci_build, :success, :license_management, pipeline: pipeline, project: project) }
specify { expect { subject }.not_to change { license_compliance_rule.reload.approvals_required } }
specify { expect(subject[:status]).to be(:success) }
end
end
context "when no licenses violate the license compliance policy" do
context 'with a new report' do
let!(:ci_build) { create(:ee_ci_build, :success, :license_scanning, pipeline: pipeline, project: project) }
specify { expect { subject }.to change { license_compliance_rule.reload.approvals_required }.from(1).to(0) }
specify { expect(subject[:status]).to be(:success) }
end
context 'with an old report' do
let!(:ci_build) { create(:ee_ci_build, :success, :license_management, pipeline: pipeline, project: project) }
before do
stub_feature_flags(drop_license_management_artifact: false)
end
specify { expect { subject }.to change { license_compliance_rule.reload.approvals_required }.from(1).to(0) }
specify { expect(subject[:status]).to be(:success) }
end
end
context "when an unexpected error occurs" do
before do
allow_next_instance_of(Gitlab::Ci::Reports::LicenseScanning::Report) do |instance|
......
......@@ -13,7 +13,7 @@ module Gitlab
ALLOWED_KEYS =
%i[junit codequality sast secret_detection dependency_scanning container_scanning
dast performance browser_performance load_performance license_management license_scanning metrics lsif
dast performance browser_performance load_performance license_scanning metrics lsif
dotenv cobertura terraform accessibility cluster_applications
requirements coverage_fuzzing api_fuzzing].freeze
......@@ -36,7 +36,6 @@ module Gitlab
validates :performance, array_of_strings_or_string: true
validates :browser_performance, array_of_strings_or_string: true
validates :load_performance, array_of_strings_or_string: true
validates :license_management, array_of_strings_or_string: true
validates :license_scanning, array_of_strings_or_string: true
validates :metrics, array_of_strings_or_string: true
validates :lsif, array_of_strings_or_string: true
......
......@@ -13993,9 +13993,6 @@ msgstr ""
msgid "File deleted"
msgstr ""
msgid "File format is no longer supported"
msgstr ""
msgid "File hooks are similar to system hooks but are executed as files instead of sending data to a URL."
msgstr ""
......
......@@ -508,14 +508,6 @@ FactoryBot.define do
end
end
trait :license_management do
options do
{
artifacts: { reports: { license_management: 'gl-license-management-report.json' } }
}
end
end
trait :license_scanning do
options do
{
......
......@@ -41,7 +41,6 @@ RSpec.describe Gitlab::Ci::Config::Entry::Reports do
:dependency_scanning | 'gl-dependency-scanning-report.json'
:container_scanning | 'gl-container-scanning-report.json'
:dast | 'gl-dast-report.json'
:license_management | 'gl-license-management-report.json'
:license_scanning | 'gl-license-scanning-report.json'
:performance | 'performance.json'
:browser_performance | 'browser-performance.json'
......
......@@ -111,10 +111,6 @@ RSpec.describe Ci::Build do
describe '.with_downloadable_artifacts' do
subject { described_class.with_downloadable_artifacts }
before do
stub_feature_flags(drop_license_management_artifact: false)
end
context 'when job does not have a downloadable artifact' do
let!(:job) { create(:ci_build) }
......@@ -1732,8 +1728,6 @@ RSpec.describe Ci::Build do
subject { build.erase_erasable_artifacts! }
before do
stub_feature_flags(drop_license_management_artifact: false)
Ci::JobArtifact.file_types.keys.each do |file_type|
create(:ci_job_artifact, job: build, file_type: file_type, file_format: Ci::JobArtifact::TYPE_AND_FORMAT_PAIRS[file_type.to_sym])
end
......
......@@ -328,35 +328,9 @@ RSpec.describe Ci::JobArtifact do
end
end
describe 'validates if file format is supported' do
subject { artifact }
let(:artifact) { build(:ci_job_artifact, file_type: :license_management, file_format: :raw) }
context 'when license_management is supported' do
before do
stub_feature_flags(drop_license_management_artifact: false)
end
it { is_expected.to be_valid }
end
context 'when license_management is not supported' do
before do
stub_feature_flags(drop_license_management_artifact: true)
end
it { is_expected.not_to be_valid }
end
end
describe 'validates file format' do
subject { artifact }
before do
stub_feature_flags(drop_license_management_artifact: false)
end
described_class::TYPE_AND_FORMAT_PAIRS.except(:trace).each do |file_type, file_format|
context "when #{file_type} type with #{file_format} format" do
let(:artifact) { build(:ci_job_artifact, file_type: file_type, file_format: file_format) }
......
......@@ -4906,7 +4906,6 @@ RSpec.describe MergeRequest, factory_default: :keep do
subject { merge_request.enabled_reports[report_type] }
before do
stub_feature_flags(drop_license_management_artifact: false)
stub_licensed_features({ feature => true })
end
......
......@@ -40,7 +40,7 @@ RSpec.describe Ci::RetryBuildService do
job_artifacts_metadata job_artifacts_trace job_artifacts_junit
job_artifacts_sast job_artifacts_secret_detection job_artifacts_dependency_scanning
job_artifacts_container_scanning job_artifacts_dast
job_artifacts_license_management job_artifacts_license_scanning
job_artifacts_license_scanning
job_artifacts_performance job_artifacts_browser_performance job_artifacts_load_performance
job_artifacts_lsif job_artifacts_terraform job_artifacts_cluster_applications
job_artifacts_codequality job_artifacts_metrics scheduled_at
......@@ -74,9 +74,6 @@ RSpec.describe Ci::RetryBuildService do
end
before_all do
# Test correctly behaviour of deprecated artifact because it can be still in use
stub_feature_flags(drop_license_management_artifact: false)
# Make sure that build has both `stage_id` and `stage` because FactoryBot
# can reset one of the fields when assigning another. We plan to deprecate
# and remove legacy `stage` column in the future.
......