kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2021-08-07 00:09:01 +00:00
parent 5de148b2f4
commit 4e4519f1f8
28 changed files with 291 additions and 823 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/assets/javascripts/analytics/devops_report/components/devops_score.vue
View file

@ -1,6 +1,7 @@
<script>
import { GlBadge, GlTable, GlLink, GlEmptyState } from '@gitlab/ui';
import { GlSingleStat } from '@gitlab/ui/dist/charts';
import { helpPagePath } from '~/helpers/help_page_helper';
import { sprintf, s__ } from '~/locale';
import DevopsScoreCallout from './devops_score_callout.vue';
@ -22,9 +23,6 @@ export default {
devopsScoreMetrics: {
default: null,
},
devopsReportDocsPath: {
default: '',
},
noDataImagePath: {
default: '',
},
@ -42,6 +40,7 @@ export default {
return this.devopsScoreMetrics.averageScore === undefined;
},
},
devopsReportDocsPath: helpPagePath('user/admin_area/analytics/dev_ops_report'),
tableHeaderFields: [
{
key: 'title',
@ -76,7 +75,7 @@ export default {
>
<template #description>
<p class="gl-mb-0">{{ __('It may be several days before you see feature usage data.') }}</p>
<gl-link :href="devopsReportDocsPath">{{
<gl-link :href="$options.devopsReportDocsPath">{{
__('See example DevOps Score page in our documentation.')
}}</gl-link>
</template>

14
app/assets/javascripts/analytics/devops_report/components/service_ping_disabled.vue
View file

@ -1,5 +1,6 @@
<script>
import { GlEmptyState, GlSprintf, GlLink, GlButton } from '@gitlab/ui';
import { helpPagePath } from '~/helpers/help_page_helper';
export default {
components: {
@ -15,13 +16,11 @@ export default {
svgPath: {
default: '',
},
docsLink: {
default: '',
},
primaryButtonPath: {
default: '',
},
},
docsLink: helpPagePath('development/service_ping/index.md'),
};
</script>
<template>
@ -36,7 +35,7 @@ export default {
"
>
<template #docLink="{ content }">
<gl-link :href="docsLink" target="_blank" data-testid="docs-link">{{ content }}</gl-link>
<gl-link :href="$options.docsLink" target="_blank">{{ content }}</gl-link>
</template>
</gl-sprintf>
<template v-else>
@ -44,12 +43,7 @@ export default {
{{ s__('ServicePing|Turn on service ping to review instance-level analytics.') }}
</p>
<gl-button
category="primary"
variant="success"
:href="primaryButtonPath"
data-testid="power-on-button"
>
<gl-button category="primary" variant="success" :href="primaryButtonPath">
{{ s__('ServicePing|Turn on service ping') }}
</gl-button>
</template>

8
app/assets/javascripts/analytics/devops_report/devops_score.js
View file

@ -6,18 +6,12 @@ export default () => {
if (!el) return false;
const {
devopsScoreMetrics,
devopsReportDocsPath,
noDataImagePath,
devopsScoreIntroImagePath,
} = el.dataset;
const { devopsScoreMetrics, noDataImagePath, devopsScoreIntroImagePath } = el.dataset;
return new Vue({
el,
provide: {
devopsScoreMetrics: JSON.parse(devopsScoreMetrics),
devopsReportDocsPath,
noDataImagePath,
devopsScoreIntroImagePath,
},

8
app/assets/javascripts/analytics/devops_report/devops_score_disabled_service_ping.js
View file

@ -11,12 +11,7 @@ export default () => {
if (!emptyStateContainer) return false;
const {
isAdmin,
emptyStateSvgPath,
enableServicePingPath,
docsLink,
} = emptyStateContainer.dataset;
const { isAdmin, emptyStateSvgPath, enableServicePingPath } = emptyStateContainer.dataset;
return new Vue({
el: emptyStateContainer,
@ -24,7 +19,6 @@ export default () => {
isAdmin: parseBoolean(isAdmin),
svgPath: emptyStateSvgPath,
primaryButtonPath: enableServicePingPath,
docsLink,
},
render(h) {
return h(ServicePingDisabled);

6
app/assets/javascripts/pages/projects/edit/index.js
View file

@ -25,10 +25,6 @@ initProjectLoadingSpinner();
initProjectPermissionsSettings();
setupTransferEdit('.js-project-transfer-form', 'select.select2');
dirtySubmitFactory(
document.querySelectorAll(
'.js-general-settings-form, .js-mr-settings-form, .js-mr-approvals-form',
),
);
dirtySubmitFactory(document.querySelectorAll('.js-general-settings-form, .js-mr-settings-form'));
initSearchSettings();

4
app/assets/javascripts/pages/projects/security/configuration/index.js
View file

@ -1,3 +1,3 @@
import { initCESecurityConfiguration } from '~/security_configuration';
import { initSecurityConfiguration } from '~/security_configuration';
initCESecurityConfiguration(document.querySelector('#js-security-configuration-static'));
initSecurityConfiguration(document.querySelector('#js-security-configuration-static'));

211
app/assets/javascripts/security_configuration/components/app.vue
View file

@ -1,23 +1,216 @@
<script>
import ConfigurationTable from './configuration_table.vue';
import { GlTab, GlTabs, GlSprintf, GlLink } from '@gitlab/ui';
import { __, s__ } from '~/locale';
import LocalStorageSync from '~/vue_shared/components/local_storage_sync.vue';
import UserCalloutDismisser from '~/vue_shared/components/user_callout_dismisser.vue';
import AutoDevOpsAlert from './auto_dev_ops_alert.vue';
import AutoDevOpsEnabledAlert from './auto_dev_ops_enabled_alert.vue';
import { AUTO_DEVOPS_ENABLED_ALERT_DISMISSED_STORAGE_KEY } from './constants';
import FeatureCard from './feature_card.vue';
import SectionLayout from './section_layout.vue';
import UpgradeBanner from './upgrade_banner.vue';
export const i18n = {
compliance: s__('SecurityConfiguration|Compliance'),
configurationHistory: s__('SecurityConfiguration|Configuration history'),
securityTesting: s__('SecurityConfiguration|Security testing'),
latestPipelineDescription: s__(
`SecurityConfiguration|The status of the tools only applies to the
default branch and is based on the %{linkStart}latest pipeline%{linkEnd}.`,
),
description: s__(
`SecurityConfiguration|Once you've enabled a scan for the default branch,
any subsequent feature branch you create will include the scan.`,
),
securityConfiguration: __('Security Configuration'),
};
export default {
i18n,
components: {
ConfigurationTable,
AutoDevOpsAlert,
AutoDevOpsEnabledAlert,
FeatureCard,
GlLink,
GlSprintf,
GlTab,
GlTabs,
LocalStorageSync,
SectionLayout,
UpgradeBanner,
UserCalloutDismisser,
},
inject: ['projectPath'],
props: {
augmentedSecurityFeatures: {
type: Array,
required: true,
},
augmentedComplianceFeatures: {
type: Array,
required: true,
},
gitlabCiPresent: {
type: Boolean,
required: false,
default: false,
},
autoDevopsEnabled: {
type: Boolean,
required: false,
default: false,
},
canEnableAutoDevops: {
type: Boolean,
required: false,
default: false,
},
gitlabCiHistoryPath: {
type: String,
required: false,
default: '',
},
latestPipelinePath: {
type: String,
required: false,
default: '',
},
},
data() {
return {
autoDevopsEnabledAlertDismissedProjects: [],
};
},
computed: {
canUpgrade() {
return [...this.augmentedSecurityFeatures, ...this.augmentedComplianceFeatures].some(
({ available }) => !available,
);
},
canViewCiHistory() {
return Boolean(this.gitlabCiPresent && this.gitlabCiHistoryPath);
},
shouldShowDevopsAlert() {
return !this.autoDevopsEnabled && !this.gitlabCiPresent && this.canEnableAutoDevops;
},
shouldShowAutoDevopsEnabledAlert() {
return (
this.autoDevopsEnabled &&
!this.autoDevopsEnabledAlertDismissedProjects.includes(this.projectPath)
);
},
},
methods: {
dismissAutoDevopsEnabledAlert() {
const dismissedProjects = new Set(this.autoDevopsEnabledAlertDismissedProjects);
dismissedProjects.add(this.projectPath);
this.autoDevopsEnabledAlertDismissedProjects = Array.from(dismissedProjects);
},
},
autoDevopsEnabledAlertStorageKey: AUTO_DEVOPS_ENABLED_ALERT_DISMISSED_STORAGE_KEY,
};
</script>
<template>
<article>
<local-storage-sync
v-model="autoDevopsEnabledAlertDismissedProjects"
:storage-key="$options.autoDevopsEnabledAlertStorageKey"
as-json
/>
<user-callout-dismisser
v-if="shouldShowDevopsAlert"
feature-name="security_configuration_devops_alert"
>
<template #default="{ dismiss, shouldShowCallout }">
<auto-dev-ops-alert v-if="shouldShowCallout" class="gl-mt-3" @dismiss="dismiss" />
</template>
</user-callout-dismisser>
<header>
<h4 class="gl-my-5">
{{ __('Security Configuration') }}
</h4>
<h5 class="gl-font-lg gl-mt-7">
{{ s__('SecurityConfiguration|Testing & Compliance') }}
</h5>
<h1 class="gl-font-size-h1">{{ $options.i18n.securityConfiguration }}</h1>
</header>
<configuration-table />
<user-callout-dismisser v-if="canUpgrade" feature-name="security_configuration_upgrade_banner">
<template #default="{ dismiss, shouldShowCallout }">
<upgrade-banner v-if="shouldShowCallout" @close="dismiss" />
</template>
</user-callout-dismisser>
<gl-tabs content-class="gl-pt-0">
<gl-tab data-testid="security-testing-tab" :title="$options.i18n.securityTesting">
<auto-dev-ops-enabled-alert
v-if="shouldShowAutoDevopsEnabledAlert"
class="gl-mt-3"
@dismiss="dismissAutoDevopsEnabledAlert"
/>
<section-layout :heading="$options.i18n.securityTesting">
<template #description>
<p>
<span data-testid="latest-pipeline-info-security">
<gl-sprintf
v-if="latestPipelinePath"
:message="$options.i18n.latestPipelineDescription"
>
<template #link="{ content }">
<gl-link :href="latestPipelinePath">{{ content }}</gl-link>
</template>
</gl-sprintf>
</span>
{{ $options.i18n.description }}
</p>
<p v-if="canViewCiHistory">
<gl-link data-testid="security-view-history-link" :href="gitlabCiHistoryPath">{{
$options.i18n.configurationHistory
}}</gl-link>
</p>
</template>
<template #features>
<feature-card
v-for="feature in augmentedSecurityFeatures"
:key="feature.type"
data-testid="security-testing-card"
:feature="feature"
class="gl-mb-6"
/>
</template>
</section-layout>
</gl-tab>
<gl-tab data-testid="compliance-testing-tab" :title="$options.i18n.compliance">
<section-layout :heading="$options.i18n.compliance">
<template #description>
<p>
<span data-testid="latest-pipeline-info-compliance">
<gl-sprintf
v-if="latestPipelinePath"
:message="$options.i18n.latestPipelineDescription"
>
<template #link="{ content }">
<gl-link :href="latestPipelinePath">{{ content }}</gl-link>
</template>
</gl-sprintf>
</span>
{{ $options.i18n.description }}
</p>
<p v-if="canViewCiHistory">
<gl-link data-testid="compliance-view-history-link" :href="gitlabCiHistoryPath">{{
$options.i18n.configurationHistory
}}</gl-link>
</p>
</template>
<template #features>
<feature-card
v-for="feature in augmentedComplianceFeatures"
:key="feature.type"
:feature="feature"
class="gl-mb-6"
/>
</template>
</section-layout>
</gl-tab>
</gl-tabs>
</article>
</template>

109
app/assets/javascripts/security_configuration/components/configuration_table.vue
View file

@ -1,109 +0,0 @@
<script>
import { GlLink, GlTable, GlAlert } from '@gitlab/ui';
import { s__, sprintf } from '~/locale';
import ManageViaMR from '~/vue_shared/security_configuration/components/manage_via_mr.vue';
import {
REPORT_TYPE_SAST,
REPORT_TYPE_DAST,
REPORT_TYPE_DAST_PROFILES,
REPORT_TYPE_DEPENDENCY_SCANNING,
REPORT_TYPE_CONTAINER_SCANNING,
REPORT_TYPE_CLUSTER_IMAGE_SCANNING,
REPORT_TYPE_COVERAGE_FUZZING,
REPORT_TYPE_API_FUZZING,
REPORT_TYPE_LICENSE_COMPLIANCE,
} from '~/vue_shared/security_reports/constants';
import { scanners } from './constants';
import Upgrade from './upgrade.vue';
const borderClasses = 'gl-border-b-1! gl-border-b-solid! gl-border-gray-100!';
const thClass = `gl-text-gray-900 gl-bg-transparent! ${borderClasses}`;
export default {
components: {
GlLink,
GlTable,
GlAlert,
},
data() {
return {
errorMessage: '',
};
},
methods: {
getFeatureDocumentationLinkLabel(item) {
return sprintf(s__('SecurityConfiguration|Feature documentation for %{featureName}'), {
featureName: item.name,
});
},
onError(value) {
this.errorMessage = value;
},
getComponentForItem(item) {
const COMPONENTS = {
[REPORT_TYPE_SAST]: ManageViaMR,
[REPORT_TYPE_DAST]: Upgrade,
[REPORT_TYPE_DAST_PROFILES]: Upgrade,
[REPORT_TYPE_DEPENDENCY_SCANNING]: Upgrade,
[REPORT_TYPE_CONTAINER_SCANNING]: Upgrade,
[REPORT_TYPE_CLUSTER_IMAGE_SCANNING]: Upgrade,
[REPORT_TYPE_COVERAGE_FUZZING]: Upgrade,
[REPORT_TYPE_API_FUZZING]: Upgrade,
[REPORT_TYPE_LICENSE_COMPLIANCE]: Upgrade,
};
return COMPONENTS[item.type];
},
},
table: {
fields: [
{
key: 'feature',
label: s__('SecurityConfiguration|Security Control'),
thClass,
},
{
key: 'manage',
label: s__('SecurityConfiguration|Manage'),
thClass,
},
],
items: scanners,
},
};
</script>
<template>
<div>
<gl-alert v-if="errorMessage" variant="danger" :dismissible="false">
{{ errorMessage }}
</gl-alert>
<gl-table :items="$options.table.items" :fields="$options.table.fields" stacked="md">
<template #cell(feature)="{ item }">
<div class="gl-text-gray-900">
{{ item.name }}
</div>
<div>
{{ item.description }}
<gl-link
target="_blank"
data-testid="help-link"
:href="item.helpPath"
:aria-label="getFeatureDocumentationLinkLabel(item)"
>
{{ s__('SecurityConfiguration|More information') }}
</gl-link>
</div>
</template>
<template #cell(manage)="{ item }">
<component
:is="getComponentForItem(item)"
:feature="item"
:data-testid="item.type"
@error="onError"
/>
</template>
</gl-table>
</div>
</template>

70
app/assets/javascripts/security_configuration/components/constants.js
View file

@ -18,8 +18,9 @@ import configureSastMutation from '../graphql/configure_sast.mutation.graphql';
import configureSecretDetectionMutation from '../graphql/configure_secret_detection.mutation.graphql';
/**
* Translations & helpPagePaths for Static Security Configuration Page
* Translations & helpPagePaths for Security Configuration Page
*/
export const SAST_NAME = __('Static Application Security Testing (SAST)');
export const SAST_SHORT_NAME = s__('ciReport|SAST');
export const SAST_DESCRIPTION = __('Analyze your source code for known vulnerabilities.');
@ -115,73 +116,6 @@ export const LICENSE_COMPLIANCE_HELP_PATH = helpPagePath(
'user/compliance/license_compliance/index',
);
export const UPGRADE_CTA = s__(
'SecurityConfiguration|Available with %{linkStart}upgrade or free trial%{linkEnd}',
);
export const scanners = [
{
name: SAST_NAME,
description: SAST_DESCRIPTION,
helpPath: SAST_HELP_PATH,
type: REPORT_TYPE_SAST,
},
{
name: DAST_NAME,
description: DAST_DESCRIPTION,
helpPath: DAST_HELP_PATH,
type: REPORT_TYPE_DAST,
},
{
name: DAST_PROFILES_NAME,
description: DAST_PROFILES_DESCRIPTION,
helpPath: DAST_PROFILES_HELP_PATH,
type: REPORT_TYPE_DAST_PROFILES,
},
{
name: DEPENDENCY_SCANNING_NAME,
description: DEPENDENCY_SCANNING_DESCRIPTION,
helpPath: DEPENDENCY_SCANNING_HELP_PATH,
type: REPORT_TYPE_DEPENDENCY_SCANNING,
},
{
name: CONTAINER_SCANNING_NAME,
description: CONTAINER_SCANNING_DESCRIPTION,
helpPath: CONTAINER_SCANNING_HELP_PATH,
type: REPORT_TYPE_CONTAINER_SCANNING,
},
{
name: CLUSTER_IMAGE_SCANNING_NAME,
description: CLUSTER_IMAGE_SCANNING_DESCRIPTION,
helpPath: CLUSTER_IMAGE_SCANNING_HELP_PATH,
type: REPORT_TYPE_CLUSTER_IMAGE_SCANNING,
},
{
name: SECRET_DETECTION_NAME,
description: SECRET_DETECTION_DESCRIPTION,
helpPath: SECRET_DETECTION_HELP_PATH,
type: REPORT_TYPE_SECRET_DETECTION,
},
{
name: COVERAGE_FUZZING_NAME,
description: COVERAGE_FUZZING_DESCRIPTION,
helpPath: COVERAGE_FUZZING_HELP_PATH,
type: REPORT_TYPE_COVERAGE_FUZZING,
},
{
name: API_FUZZING_NAME,
description: API_FUZZING_DESCRIPTION,
helpPath: API_FUZZING_HELP_PATH,
type: REPORT_TYPE_API_FUZZING,
},
{
name: LICENSE_COMPLIANCE_NAME,
description: LICENSE_COMPLIANCE_DESCRIPTION,
helpPath: LICENSE_COMPLIANCE_HELP_PATH,
type: REPORT_TYPE_LICENSE_COMPLIANCE,
},
];
export const securityFeatures = [
{
name: SAST_NAME,

216
app/assets/javascripts/security_configuration/components/redesigned_app.vue
View file

@ -1,216 +0,0 @@
<script>
import { GlTab, GlTabs, GlSprintf, GlLink } from '@gitlab/ui';
import { __, s__ } from '~/locale';
import LocalStorageSync from '~/vue_shared/components/local_storage_sync.vue';
import UserCalloutDismisser from '~/vue_shared/components/user_callout_dismisser.vue';
import AutoDevOpsAlert from './auto_dev_ops_alert.vue';
import AutoDevOpsEnabledAlert from './auto_dev_ops_enabled_alert.vue';
import { AUTO_DEVOPS_ENABLED_ALERT_DISMISSED_STORAGE_KEY } from './constants';
import FeatureCard from './feature_card.vue';
import SectionLayout from './section_layout.vue';
import UpgradeBanner from './upgrade_banner.vue';
export const i18n = {
compliance: s__('SecurityConfiguration|Compliance'),
configurationHistory: s__('SecurityConfiguration|Configuration history'),
securityTesting: s__('SecurityConfiguration|Security testing'),
latestPipelineDescription: s__(
`SecurityConfiguration|The status of the tools only applies to the
default branch and is based on the %{linkStart}latest pipeline%{linkEnd}.`,
),
description: s__(
`SecurityConfiguration|Once you've enabled a scan for the default branch,
any subsequent feature branch you create will include the scan.`,
),
securityConfiguration: __('Security Configuration'),
};
export default {
i18n,
components: {
AutoDevOpsAlert,
AutoDevOpsEnabledAlert,
FeatureCard,
GlLink,
GlSprintf,
GlTab,
GlTabs,
LocalStorageSync,
SectionLayout,
UpgradeBanner,
UserCalloutDismisser,
},
inject: ['projectPath'],
props: {
augmentedSecurityFeatures: {
type: Array,
required: true,
},
augmentedComplianceFeatures: {
type: Array,
required: true,
},
gitlabCiPresent: {
type: Boolean,
required: false,
default: false,
},
autoDevopsEnabled: {
type: Boolean,
required: false,
default: false,
},
canEnableAutoDevops: {
type: Boolean,
required: false,
default: false,
},
gitlabCiHistoryPath: {
type: String,
required: false,
default: '',
},
latestPipelinePath: {
type: String,
required: false,
default: '',
},
},
data() {
return {
autoDevopsEnabledAlertDismissedProjects: [],
};
},
computed: {
canUpgrade() {
return [...this.augmentedSecurityFeatures, ...this.augmentedComplianceFeatures].some(
({ available }) => !available,
);
},
canViewCiHistory() {
return Boolean(this.gitlabCiPresent && this.gitlabCiHistoryPath);
},
shouldShowDevopsAlert() {
return !this.autoDevopsEnabled && !this.gitlabCiPresent && this.canEnableAutoDevops;
},
shouldShowAutoDevopsEnabledAlert() {
return (
this.autoDevopsEnabled &&
!this.autoDevopsEnabledAlertDismissedProjects.includes(this.projectPath)
);
},
},
methods: {
dismissAutoDevopsEnabledAlert() {
const dismissedProjects = new Set(this.autoDevopsEnabledAlertDismissedProjects);
dismissedProjects.add(this.projectPath);
this.autoDevopsEnabledAlertDismissedProjects = Array.from(dismissedProjects);
},
},
autoDevopsEnabledAlertStorageKey: AUTO_DEVOPS_ENABLED_ALERT_DISMISSED_STORAGE_KEY,
};
</script>
<template>
<article>
<local-storage-sync
v-model="autoDevopsEnabledAlertDismissedProjects"
:storage-key="$options.autoDevopsEnabledAlertStorageKey"
as-json
/>
<user-callout-dismisser
v-if="shouldShowDevopsAlert"
feature-name="security_configuration_devops_alert"
>
<template #default="{ dismiss, shouldShowCallout }">
<auto-dev-ops-alert v-if="shouldShowCallout" class="gl-mt-3" @dismiss="dismiss" />
</template>
</user-callout-dismisser>
<header>
<h1 class="gl-font-size-h1">{{ $options.i18n.securityConfiguration }}</h1>
</header>
<user-callout-dismisser v-if="canUpgrade" feature-name="security_configuration_upgrade_banner">
<template #default="{ dismiss, shouldShowCallout }">
<upgrade-banner v-if="shouldShowCallout" @close="dismiss" />
</template>
</user-callout-dismisser>
<gl-tabs content-class="gl-pt-0">
<gl-tab data-testid="security-testing-tab" :title="$options.i18n.securityTesting">
<auto-dev-ops-enabled-alert
v-if="shouldShowAutoDevopsEnabledAlert"
class="gl-mt-3"
@dismiss="dismissAutoDevopsEnabledAlert"
/>
<section-layout :heading="$options.i18n.securityTesting">
<template #description>
<p>
<span data-testid="latest-pipeline-info-security">
<gl-sprintf
v-if="latestPipelinePath"
:message="$options.i18n.latestPipelineDescription"
>
<template #link="{ content }">
<gl-link :href="latestPipelinePath">{{ content }}</gl-link>
</template>
</gl-sprintf>
</span>
{{ $options.i18n.description }}
</p>
<p v-if="canViewCiHistory">
<gl-link data-testid="security-view-history-link" :href="gitlabCiHistoryPath">{{
$options.i18n.configurationHistory
}}</gl-link>
</p>
</template>
<template #features>
<feature-card
v-for="feature in augmentedSecurityFeatures"
:key="feature.type"
data-testid="security-testing-card"
:feature="feature"
class="gl-mb-6"
/>
</template>
</section-layout>
</gl-tab>
<gl-tab data-testid="compliance-testing-tab" :title="$options.i18n.compliance">
<section-layout :heading="$options.i18n.compliance">
<template #description>
<p>
<span data-testid="latest-pipeline-info-compliance">
<gl-sprintf
v-if="latestPipelinePath"
:message="$options.i18n.latestPipelineDescription"
>
<template #link="{ content }">
<gl-link :href="latestPipelinePath">{{ content }}</gl-link>
</template>
</gl-sprintf>
</span>
{{ $options.i18n.description }}
</p>
<p v-if="canViewCiHistory">
<gl-link data-testid="compliance-view-history-link" :href="gitlabCiHistoryPath">{{
$options.i18n.configurationHistory
}}</gl-link>
</p>
</template>
<template #features>
<feature-card
v-for="feature in augmentedComplianceFeatures"
:key="feature.type"
:feature="feature"
class="gl-mb-6"
/>
</template>
</section-layout>
</gl-tab>
</gl-tabs>
</article>
</template>

32
app/assets/javascripts/security_configuration/components/upgrade.vue
View file

@ -1,32 +0,0 @@
<script>
import { GlLink, GlSprintf } from '@gitlab/ui';
import { UPGRADE_CTA } from './constants';
export default {
components: {
GlLink,
GlSprintf,
},
inject: {
upgradePath: {
from: 'upgradePath',
default: '#',
},
},
i18n: {
UPGRADE_CTA,
},
};
</script>
<template>
<span>
<gl-sprintf :message="$options.i18n.UPGRADE_CTA">
<template #link="{ content }">
<gl-link target="_blank" :href="upgradePath">
{{ content }}
</gl-link>
</template>
</gl-sprintf>
</span>
</template>

39
app/assets/javascripts/security_configuration/index.js
View file

@ -4,10 +4,13 @@ import createDefaultClient from '~/lib/graphql';
import { parseBooleanDataAttributes } from '~/lib/utils/dom_utils';
import SecurityConfigurationApp from './components/app.vue';
import { securityFeatures, complianceFeatures } from './components/constants';
import RedesignedSecurityConfigurationApp from './components/redesigned_app.vue';
import { augmentFeatures } from './utils';
export const initRedesignedSecurityConfiguration = (el) => {
export const initSecurityConfiguration = (el) => {
if (!el) {
return null;
}
Vue.use(VueApollo);
const apolloProvider = new VueApollo({
@ -40,7 +43,7 @@ export const initRedesignedSecurityConfiguration = (el) => {
autoDevopsPath,
},
render(createElement) {
return createElement(RedesignedSecurityConfigurationApp, {
return createElement(SecurityConfigurationApp, {
props: {
augmentedComplianceFeatures,
augmentedSecurityFeatures,
@ -56,33 +59,3 @@ export const initRedesignedSecurityConfiguration = (el) => {
},
});
};
export const initCESecurityConfiguration = (el) => {
if (!el) {
return null;
}
if (gon.features?.securityConfigurationRedesign) {
return initRedesignedSecurityConfiguration(el);
}
Vue.use(VueApollo);
const apolloProvider = new VueApollo({
defaultClient: createDefaultClient(),
});
const { projectPath, upgradePath } = el.dataset;
return new Vue({
el,
apolloProvider,
provide: {
projectPath,
upgradePath,
},
render(createElement) {
return createElement(SecurityConfigurationApp);
},
});
};

4
app/controllers/projects/security/configuration_controller.rb
View file

@ -7,10 +7,6 @@ module Projects
feature_category :static_application_security_testing
before_action only: [:show] do
push_frontend_feature_flag(:security_configuration_redesign, project, default_enabled: :yaml)
end
def show
render_403 unless can?(current_user, :read_security_configuration, project)
end

2
app/views/admin/dev_ops_report/_report.html.haml
View file

@ -3,4 +3,4 @@
- if !service_ping_enabled
#js-devops-service-ping-disabled{ data: { is_admin: current_user&.admin.to_s, empty_state_svg_path: image_path('illustrations/convdev/convdev_no_index.svg'), enable_service_ping_path: metrics_and_profiling_admin_application_settings_path(anchor: 'js-usage-settings'), docs_link: help_page_path('development/service_ping/index.md') } }
- else
#js-devops-score{ data: { devops_score_metrics: devops_score_metrics(@metric).to_json, devops_report_docs_path: help_page_path('user/admin_area/analytics/dev_ops_report'), no_data_image_path: image_path('dev_ops_report_no_data.svg'), devops_score_intro_image_path: image_path('dev_ops_report_overview.svg') } }
#js-devops-score{ data: { devops_score_metrics: devops_score_metrics(@metric).to_json, no_data_image_path: image_path('dev_ops_report_no_data.svg'), devops_score_intro_image_path: image_path('dev_ops_report_overview.svg') } }

3
app/views/projects/security/configuration/show.html.haml
View file

@ -1,6 +1,5 @@
- breadcrumb_title _("Security Configuration")
- page_title _("Security Configuration")
- redesign_enabled = ::Feature.enabled?(:security_configuration_redesign, @project, default_enabled: :yaml)
- @content_class = "limit-container-width" unless fluid_layout || !redesign_enabled
- @content_class = "limit-container-width" unless fluid_layout
#js-security-configuration-static{ data: { project_path: @project.full_path, upgrade_path: security_upgrade_path } }

8
config/feature_flags/development/security_configuration_redesign.yml
View file

@ -1,8 +0,0 @@
---
name: security_configuration_redesign
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62285
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/331614
milestone: '14.0'
type: development
group: group::static analysis
default_enabled: false

8
config/feature_flags/development/security_configuration_redesign_ee.yml
View file

@ -1,8 +0,0 @@
---
name: security_configuration_redesign_ee
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65171
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/336077
milestone: '14.1'
type: development
group: group::analyzer frontend
default_enabled: false

13
doc/operations/error_tracking.md
View file

@ -42,6 +42,19 @@ least Maintainer [permissions](../user/permissions.md) to enable the Sentry inte
You may also want to enable Sentry's GitLab integration by following the steps in the [Sentry documentation](https://docs.sentry.io/product/integrations/gitlab/)
### Enable GitLab Runner
To configure GitLab Runner with Sentry, you must add the value for `sentry_dsn` to your GitLab
Runner's `config.toml` configuration file, as referenced in [GitLab Runner Advanced Configuraton](https://docs.gitlab.com/runner/configuration/advanced-configuration.html).
While setting up Sentry, select **Go** if you're asked for the project type.
If you see the following error in your GitLab Runner logs, then you should specify the deprecated
DSN in **Sentry.io > Project Settings > Client Keys (DSN) > Show deprecated DSN**.
```plaintext
ERROR: Sentry failure builds=0 error=raven: dsn missing private key
```
## Error Tracking List
Users with at least Reporter [permissions](../user/permissions.md)

124
doc/user/application_security/configuration/index.md
View file

@ -11,9 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4. **(ULTIMATE)**
> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4. **(ULTIMATE)**
> - A simplified version was made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/294076) in GitLab 13.10.
WARNING:
This feature might not be available to you. Check the **version history** note above for details.
> - [Redesigned](https://gitlab.com/gitlab-org/gitlab/-/issues/326926) in 14.2.
The Security Configuration page displays what security scans are available, links to documentation and also simple enablement tools for the current project.
@ -22,35 +20,37 @@ then in the left sidebar go to **Security & Compliance > Configuration**.
For each security control the page displays:
- **Security Control:** Name, description, and a documentation link.
- **Manage:** A management option or a documentation link.
## UI redesign
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/326926) in 14.0 for GitLab Free and Premium, behind a feature flag, disabled by default.
> - Enabled on GitLab.com for Free & Premium.
> - Recommended for production use.
> - It can be enabled or disabled for a single project.
> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ui-redesign). **(FREE SELF)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/333109) in 14.1 for GitLab Ultimate, behind a feature flag, disabled by default.
> - Disabled on GitLab.com.
> - Not recommended for production use.
> - It can be enabled or disabled for a single project.
> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ui-redesign-for-ultimate). **(ULTIMATE SELF)**
WARNING:
This feature might not be available to you. Check the **version history** note above for details.
The Security Configuration page has been redesigned in GitLab Free and Premium.
The same functionality exists as before, but presented in a more extensible
way.
For each security control the page displays:
- Its name, description and a documentation link.
- Whether or not it is available.
- A configuration button or a link to its configuration guide.
## Security testing
You can configure the following security controls:
- Auto DevOps
- Click **Enable Auto DevOps** on the alert to enable it for the current project. For more details, see [Auto DevOps](../../../topics/autodevops/index.md).
- SAST
- Click **Enable SAST** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
- DAST **(ULTIMATE)**
- Click **Enable DAST** to use DAST for the current Project. To manage the available DAST profiles used for on-demand scans Click **Manage Scans**. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
- Dependency Scanning **(ULTIMATE)**
- Select **Configure via Merge Request** to create a merge request with the changes required to
enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request).
- Container Scanning **(ULTIMATE)**
- Can be configured via `.gitlab-ci.yml`. For more details, see [Container Scanning](../../../user/application_security/container_scanning/index.md#configuration).
- Cluster Image Scanning **(ULTIMATE)**
- Can be configured via `.gitlab-ci.yml`. For more details, see [Cluster Image Scanning](../../../user/application_security/cluster_image_scanning/#configuration).
- Secret Detection
- Select **Configure via Merge Request** to create a merge request with the changes required to
enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
- API Fuzzing **(ULTIMATE)**
- Click **Enable API Fuzzing** to use API Fuzzing for the current Project. For more details, see [API Fuzzing](../../../user/application_security/api_fuzzing/index.md#enable-web-api-fuzzing).
- Coverage Fuzzing **(ULTIMATE)**
- Can be configured via `.gitlab-ci.yml`. For more details, see [Coverage Fuzzing](../../../user/application_security/coverage_fuzzing/index.md#configuration).
## Status **(ULTIMATE)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6.
@ -63,71 +63,11 @@ _enabled_.
If the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md),
all security features are configured by default.
For SAST, click **View history** to see the `.gitlab-ci.yml` file's history.
Click **View history** to see the `.gitlab-ci.yml` file's history.
## Manage **(ULTIMATE)**
## Compliance **(ULTIMATE)**
You can configure the following security controls:
- Auto DevOps
- Click **Enable Auto DevOps** to enable it for the current project. For more details, see [Auto DevOps](../../../topics/autodevops/index.md).
- SAST
- Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
- DAST Profiles
- Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
- Secret Detection
- Select **Configure via Merge Request** to create a merge request with the changes required to
enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
- Dependency Scanning
- Select **Configure via Merge Request** to create a merge request with the changes required to
enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request).
## Enable or disable UI redesign **(FREE SELF)**
The Security Configuration redesign is under development, but is ready for
production use. It is deployed behind a feature flag that is **disabled by
default**.
[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it.
To enable it:
```ruby
# For the instance
Feature.enable(:security_configuration_redesign)
# For a single project
Feature.enable(:security_configuration_redesign, Project.find(<project id>))
```
To disable it:
```ruby
# For the instance
Feature.disable(:security_configuration_redesign)
# For a single project
Feature.disable(:security_configuration_redesign, Project.find(<project id>))
```
## Enable or disable UI redesign for Ultimate **(ULTIMATE SELF)**
The Security Configuration redesign is under development, and is not ready for
production use. It is deployed behind a feature flag that is **disabled by
default**.
[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it.
To enable it:
```ruby
# For the instance
Feature.enable(:security_configuration_redesign_ee)
# For a single project
Feature.enable(:security_configuration_redesign_ee, Project.find(<project id>))
```
To disable it:
```ruby
# For the instance
Feature.disable(:security_configuration_redesign_ee)
# For a single project
Feature.disable(:security_configuration_redesign_ee, Project.find(<project id>))
```
- License Compliance **(ULTIMATE)**
- Can be configured via `.gitlab-ci.yml`. For more details, see [License Compliance](../../../user/compliance/license_compliance/index.md#configuration).

78
locale/gitlab.pot
View file

@ -464,9 +464,6 @@ msgstr[1] ""
msgid "%{completedWeight} of %{totalWeight} weight completed"
msgstr ""
msgid "%{containerScanningLinkStart}Container Scanning%{containerScanningLinkEnd} and/or %{dependencyScanningLinkStart}Dependency Scanning%{dependencyScanningLinkEnd} must be enabled. %{securityBotLinkStart}GitLab-Security-Bot%{securityBotLinkEnd} will be the author of the auto-created merge request. %{moreInfoLinkStart}More information%{moreInfoLinkEnd}."
msgstr ""
msgid "%{cores} cores"
msgstr ""
@ -4227,6 +4224,9 @@ msgstr ""
msgid "ApprovalSettings|There was an error updating merge request approval settings."
msgstr ""
msgid "ApprovalSettings|This setting is configured at the instance level and can only be changed by an administrator."
msgstr ""
msgid "ApprovalStatusTooltip|Adheres to separation of duties"
msgstr ""
@ -4896,9 +4896,6 @@ msgstr ""
msgid "Automatically close associated incident when a recovery alert notification resolves an alert"
msgstr ""
msgid "Automatically create merge requests for vulnerabilities that have fixes available."
msgstr ""
msgid "Automatically resolved"
msgstr ""
@ -4914,9 +4911,6 @@ msgstr ""
msgid "Available ID"
msgstr ""
msgid "Available for dependency and container scanning"
msgstr ""
msgid "Available group runners: %{runners}"
msgstr ""
@ -25056,9 +25050,6 @@ msgstr ""
msgid "Prevent MR approvals by author."
msgstr ""
msgid "Prevent MR approvals by the author."
msgstr ""
msgid "Prevent MR approvals from users who make commits to the MR."
msgstr ""
@ -25074,9 +25065,6 @@ msgstr ""
msgid "Prevent users from changing their profile name"
msgstr ""
msgid "Prevent users from modifying MR approval rules in merge requests."
msgstr ""
msgid "Prevent users from modifying MR approval rules in projects and merge requests."
msgstr ""
@ -28143,12 +28131,6 @@ msgstr ""
msgid "Require all users to set up two-factor authentication"
msgstr ""
msgid "Require new approvals when new commits are added to an MR."
msgstr ""
msgid "Require user password for approvals."
msgstr ""
msgid "Required approvals (%{approvals_given} given)"
msgstr ""
@ -29292,12 +29274,6 @@ msgstr ""
msgid "SecurityConfiguration|An error occurred while creating the merge request."
msgstr ""
msgid "SecurityConfiguration|Available for on-demand DAST"
msgstr ""
msgid "SecurityConfiguration|Available with %{linkStart}upgrade or free trial%{linkEnd}"
msgstr ""
msgid "SecurityConfiguration|Available with Ultimate"
msgstr ""
@ -29313,9 +29289,6 @@ msgstr ""
msgid "SecurityConfiguration|Configuration history"
msgstr ""
msgid "SecurityConfiguration|Configure"
msgstr ""
msgid "SecurityConfiguration|Configure %{feature}"
msgstr ""
@ -29337,9 +29310,6 @@ msgstr ""
msgid "SecurityConfiguration|Customize common SAST settings to suit your requirements. Configuration changes made here override those provided by GitLab and are excluded from updates. For details of more advanced configuration options, see the %{linkStart}GitLab SAST documentation%{linkEnd}."
msgstr ""
msgid "SecurityConfiguration|Enable"
msgstr ""
msgid "SecurityConfiguration|Enable %{feature}"
msgstr ""
@ -29349,30 +29319,18 @@ msgstr ""
msgid "SecurityConfiguration|Enabled"
msgstr ""
msgid "SecurityConfiguration|Enabled with Auto DevOps"
msgstr ""
msgid "SecurityConfiguration|Feature documentation for %{featureName}"
msgstr ""
msgid "SecurityConfiguration|High-level vulnerability statistics across projects and groups"
msgstr ""
msgid "SecurityConfiguration|Immediately begin risk analysis and remediation with application security features. Start with SAST and Secret Detection, available to all plans. Upgrade to Ultimate to get all features, including:"
msgstr ""
msgid "SecurityConfiguration|Manage"
msgstr ""
msgid "SecurityConfiguration|Manage profiles for use by DAST scans."
msgstr ""
msgid "SecurityConfiguration|Manage scans"
msgstr ""
msgid "SecurityConfiguration|More information"
msgstr ""
msgid "SecurityConfiguration|More scan types, including Container Scanning, DAST, Dependency Scanning, Fuzzing, and Licence Compliance"
msgstr ""
@ -29397,18 +29355,9 @@ msgstr ""
msgid "SecurityConfiguration|Secure your project"
msgstr ""
msgid "SecurityConfiguration|Security Control"
msgstr ""
msgid "SecurityConfiguration|Security testing"
msgstr ""
msgid "SecurityConfiguration|Status"
msgstr ""
msgid "SecurityConfiguration|Testing & Compliance"
msgstr ""
msgid "SecurityConfiguration|The status of the tools only applies to the default branch and is based on the %{linkStart}latest pipeline%{linkEnd}."
msgstr ""
@ -29418,15 +29367,9 @@ msgstr ""
msgid "SecurityConfiguration|Using custom settings. You won't receive automatic updates on this variable. %{anchorStart}Restore to default%{anchorEnd}"
msgstr ""
msgid "SecurityConfiguration|View history"
msgstr ""
msgid "SecurityConfiguration|Vulnerability details and statistics in the merge request"
msgstr ""
msgid "SecurityConfiguration|You can quickly enable all security scanning tools by enabling %{linkStart}Auto DevOps%{linkEnd}."
msgstr ""
msgid "SecurityOrchestration|An error occurred assigning your security policy project"
msgstr ""
@ -30405,9 +30348,6 @@ msgstr ""
msgid "Setup"
msgstr ""
msgid "Several security scans are enabled because %{linkStart}Auto DevOps%{linkEnd} is enabled on this project"
msgstr ""
msgid "Severity"
msgstr ""
@ -31027,9 +30967,6 @@ msgstr ""
msgid "Something went wrong while stopping this environment. Please try again."
msgstr ""
msgid "Something went wrong while toggling auto-fix settings, please try again later."
msgstr ""
msgid "Something went wrong while updating a requirement."
msgstr ""
@ -31987,15 +31924,9 @@ msgstr ""
msgid "Suggest code changes which can be immediately applied in one click. Try it out!"
msgstr ""
msgid "Suggested Solutions"
msgstr ""
msgid "Suggested change"
msgstr ""
msgid "Suggested solutions help link"
msgstr ""
msgid "SuggestedColors|Aztec Gold"
msgstr ""
@ -33271,9 +33202,6 @@ msgstr ""
msgid "The start date must be ealier than the end date."
msgstr ""
msgid "The status of the table below only applies to the default branch and is based on the %{linkStart}latest pipeline%{linkEnd}. Once you've enabled a scan for the default branch, any subsequent feature branch you create will include the scan."
msgstr ""
msgid "The subject will be used as the title of the new issue, and the message will be the description. %{quickActionsLinkStart}Quick actions%{quickActionsLinkEnd} and styling with %{markdownLinkStart}Markdown%{markdownLinkEnd} are supported."
msgstr ""

1
public/robots.txt
View file

@ -24,6 +24,7 @@ Disallow: /help
Disallow: /s/
Disallow: /-/profile
Disallow: /-/ide/
Disallow: /-/experiment
# Restrict allowed routes to avoid very ugly search results
Allow: /users/sign_in
Allow: /users/*/snippets

17
spec/frontend/admin/analytics/devops_score/components/devops_score_spec.js
View file

@ -1,15 +1,10 @@
import { GlTable, GlBadge, GlEmptyState, GlLink } from '@gitlab/ui';
import { GlTable, GlBadge, GlEmptyState } from '@gitlab/ui';
import { GlSingleStat } from '@gitlab/ui/dist/charts';
import { mount } from '@vue/test-utils';
import { extendedWrapper } from 'helpers/vue_test_utils_helper';
import DevopsScore from '~/analytics/devops_report/components/devops_score.vue';
import DevopsScoreCallout from '~/analytics/devops_report/components/devops_score_callout.vue';
import {
devopsScoreMetricsData,
devopsReportDocsPath,
noDataImagePath,
devopsScoreTableHeaders,
} from '../mock_data';
import { devopsScoreMetricsData, noDataImagePath, devopsScoreTableHeaders } from '../mock_data';
describe('DevopsScore', () => {
let wrapper;
@ -19,7 +14,6 @@ describe('DevopsScore', () => {
mount(DevopsScore, {
provide: {
devopsScoreMetrics,
devopsReportDocsPath,
noDataImagePath,
},
}),
@ -32,6 +26,8 @@ describe('DevopsScore', () => {
const findUsageCol = () => findCol('usageCol');
const findDevopsScoreApp = () => wrapper.findByTestId('devops-score-app');
const bannerExists = () => wrapper.findComponent(DevopsScoreCallout).exists();
const findDocsLink = () =>
wrapper.findByRole('link', { name: 'See example DevOps Score page in our documentation.' });
describe('with no data', () => {
beforeEach(() => {
@ -54,7 +50,10 @@ describe('DevopsScore', () => {
});
it('contains a link to the feature documentation', () => {
expect(wrapper.findComponent(GlLink).exists()).toBe(true);
expect(findDocsLink().exists()).toBe(true);
expect(findDocsLink().attributes('href')).toBe(
'/help/user/admin_area/analytics/dev_ops_report',
);
});
});

12
spec/frontend/analytics/devops_report/components/service_ping_disabled_spec.js
View file

@ -1,6 +1,6 @@
import { GlEmptyState, GlSprintf } from '@gitlab/ui';
import { TEST_HOST } from 'helpers/test_constants';
import { shallowMountExtended } from 'helpers/vue_test_utils_helper';
import { mountExtended } from 'helpers/vue_test_utils_helper';
import ServicePingDisabled from '~/analytics/devops_report/components/service_ping_disabled.vue';
describe('~/analytics/devops_report/components/service_ping_disabled.vue', () => {
@ -11,21 +11,19 @@ describe('~/analytics/devops_report/components/service_ping_disabled.vue', () =>
});
const createWrapper = ({ isAdmin = false } = {}) => {
wrapper = shallowMountExtended(ServicePingDisabled, {
wrapper = mountExtended(ServicePingDisabled, {
provide: {
isAdmin,
svgPath: TEST_HOST,
docsLink: TEST_HOST,
primaryButtonPath: TEST_HOST,
},
stubs: { GlEmptyState, GlSprintf },
});
};
const findEmptyState = () => wrapper.findComponent(GlEmptyState);
const findMessageForRegularUsers = () => wrapper.findComponent(GlSprintf);
const findDocsLink = () => wrapper.findByTestId('docs-link');
const findPowerOnButton = () => wrapper.findByTestId('power-on-button');
const findDocsLink = () => wrapper.findByRole('link', { name: 'service ping' });
const findPowerOnButton = () => wrapper.findByRole('link', { name: 'Turn on service ping' });
it('renders empty state with provided SVG path', () => {
createWrapper();
@ -45,7 +43,7 @@ describe('~/analytics/devops_report/components/service_ping_disabled.vue', () =>
it('renders docs link', () => {
expect(findDocsLink().exists()).toBe(true);
expect(findDocsLink().attributes('href')).toBe(TEST_HOST);
expect(findDocsLink().attributes('href')).toBe('/help/development/service_ping/index.md');
});
});

27
spec/frontend/security_configuration/app_spec.js
View file

@ -1,27 +0,0 @@
import { shallowMount } from '@vue/test-utils';
import App from '~/security_configuration/components/app.vue';
import ConfigurationTable from '~/security_configuration/components/configuration_table.vue';
describe('App Component', () => {
let wrapper;
const createComponent = () => {
wrapper = shallowMount(App, {});
};
const findConfigurationTable = () => wrapper.findComponent(ConfigurationTable);
afterEach(() => {
wrapper.destroy();
});
it('renders correct primary & Secondary Heading', () => {
createComponent();
expect(wrapper.text()).toContain('Security Configuration');
expect(wrapper.text()).toContain('Testing & Compliance');
});
it('renders ConfigurationTable Component', () => {
createComponent();
expect(findConfigurationTable().exists()).toBe(true);
});
});

10
spec/frontend/security_configuration/components/redesigned_app_spec.js → spec/frontend/security_configuration/components/app_spec.js
View file

@ -4,6 +4,7 @@ import { useLocalStorageSpy } from 'helpers/local_storage_helper';
import { makeMockUserCalloutDismisser } from 'helpers/mock_user_callout_dismisser';
import stubChildren from 'helpers/stub_children';
import { extendedWrapper } from 'helpers/vue_test_utils_helper';
import SecurityConfigurationApp, { i18n } from '~/security_configuration/components/app.vue';
import AutoDevopsAlert from '~/security_configuration/components/auto_dev_ops_alert.vue';
import AutoDevopsEnabledAlert from '~/security_configuration/components/auto_dev_ops_enabled_alert.vue';
import {
@ -19,9 +20,6 @@ import {
} from '~/security_configuration/components/constants';
import FeatureCard from '~/security_configuration/components/feature_card.vue';
import RedesignedSecurityConfigurationApp, {
i18n,
} from '~/security_configuration/components/redesigned_app.vue';
import UpgradeBanner from '~/security_configuration/components/upgrade_banner.vue';
import {
REPORT_TYPE_LICENSE_COMPLIANCE,
@ -36,7 +34,7 @@ const projectPath = 'namespace/project';
useLocalStorageSpy();
describe('redesigned App component', () => {
describe('App component', () => {
let wrapper;
let userCalloutDismissSpy;
@ -44,7 +42,7 @@ describe('redesigned App component', () => {
userCalloutDismissSpy = jest.fn();
wrapper = extendedWrapper(
mount(RedesignedSecurityConfigurationApp, {
mount(SecurityConfigurationApp, {
propsData,
provide: {
upgradePath,
@ -53,7 +51,7 @@ describe('redesigned App component', () => {
projectPath,
},
stubs: {
...stubChildren(RedesignedSecurityConfigurationApp),
...stubChildren(SecurityConfigurationApp),
GlLink: false,
GlSprintf: false,
LocalStorageSync: false,

52
spec/frontend/security_configuration/configuration_table_spec.js
View file

@ -1,52 +0,0 @@
import { mount } from '@vue/test-utils';
import { extendedWrapper } from 'helpers/vue_test_utils_helper';
import ConfigurationTable from '~/security_configuration/components/configuration_table.vue';
import { scanners, UPGRADE_CTA } from '~/security_configuration/components/constants';
import {
REPORT_TYPE_SAST,
REPORT_TYPE_SECRET_DETECTION,
} from '~/vue_shared/security_reports/constants';
describe('Configuration Table Component', () => {
let wrapper;
const createComponent = () => {
wrapper = extendedWrapper(
mount(ConfigurationTable, {
provide: {
projectPath: 'testProjectPath',
},
}),
);
};
const findHelpLinks = () => wrapper.findAll('[data-testid="help-link"]');
afterEach(() => {
wrapper.destroy();
});
beforeEach(() => {
createComponent();
});
describe.each(scanners.map((scanner, i) => [scanner, i]))('given scanner %s', (scanner, i) => {
it('should match strings', () => {
expect(wrapper.text()).toContain(scanner.name);
expect(wrapper.text()).toContain(scanner.description);
if (scanner.type === REPORT_TYPE_SAST) {
expect(wrapper.findByTestId(scanner.type).text()).toBe('Configure via Merge Request');
} else if (scanner.type === REPORT_TYPE_SECRET_DETECTION) {
expect(wrapper.findByTestId(scanner.type).exists()).toBe(false);
} else {
expect(wrapper.findByTestId(scanner.type).text()).toMatchInterpolatedText(UPGRADE_CTA);
}
});
it('should show expected help link', () => {
const helpLink = findHelpLinks().at(i);
expect(helpLink.attributes('href')).toBe(scanner.helpPath);
});
});
});

30
spec/frontend/security_configuration/upgrade_spec.js
View file

@ -1,30 +0,0 @@
import { mount } from '@vue/test-utils';
import { UPGRADE_CTA } from '~/security_configuration/components/constants';
import Upgrade from '~/security_configuration/components/upgrade.vue';
const TEST_URL = 'http://www.example.test';
let wrapper;
const createComponent = (componentData = {}) => {
wrapper = mount(Upgrade, componentData);
};
afterEach(() => {
wrapper.destroy();
});
describe('Upgrade component', () => {
beforeEach(() => {
createComponent({ provide: { upgradePath: TEST_URL } });
});
it('renders correct text in link', () => {
expect(wrapper.text()).toMatchInterpolatedText(UPGRADE_CTA);
});
it('renders link with correct default attributes', () => {
expect(wrapper.find('a').attributes()).toMatchObject({
href: TEST_URL,
target: '_blank',
});
});
});

1
spec/requests/robots_txt_spec.rb
View file

@ -28,6 +28,7 @@ RSpec.describe 'Robots.txt Requests', :aggregate_failures do
it 'blocks the requests' do
requests = [
Gitlab::Experiment::Configuration.mount_at,
'/autocomplete/users',
'/autocomplete/projects',
'/search',