Commit 0245456e authored by Mark Lapierre's avatar Mark Lapierre

Merge branch 'sec_scan_conf_spec_history' into 'master'

Add a check for Configuration History

See merge request gitlab-org/gitlab!71484
parents eefc1f11 d2922064
...@@ -192,9 +192,12 @@ export default { ...@@ -192,9 +192,12 @@ export default {
{{ $options.i18n.description }} {{ $options.i18n.description }}
</p> </p>
<p v-if="canViewCiHistory"> <p v-if="canViewCiHistory">
<gl-link data-testid="security-view-history-link" :href="gitlabCiHistoryPath">{{ <gl-link
$options.i18n.configurationHistory data-testid="security-view-history-link"
}}</gl-link> data-qa-selector="security_configuration_history_link"
:href="gitlabCiHistoryPath"
>{{ $options.i18n.configurationHistory }}</gl-link
>
</p> </p>
</template> </template>
......
...@@ -28,6 +28,7 @@ export default { ...@@ -28,6 +28,7 @@ export default {
variant="info" variant="info"
:primary-button-link="autoDevopsPath" :primary-button-link="autoDevopsPath"
:primary-button-text="$options.i18n.primaryButtonText" :primary-button-text="$options.i18n.primaryButtonText"
data-qa-selector="autodevops_container"
@dismiss="dismissMethod" @dismiss="dismissMethod"
> >
<gl-sprintf :message="$options.i18n.body"> <gl-sprintf :message="$options.i18n.body">
......
include:
template: License-Scanning.gitlab-ci.yml
.sast-analyzer:
script:
- echo "Skipped"
artifacts:
reports:
sast: gl-sast-report.json
.ds-analyzer:
script:
- echo "Skipped"
artifacts:
reports:
dependency_scanning: gl-dependency-scanning-report.json
license_scanning:
script:
- echo "Skipped"
artifacts:
reports:
license_scanning: gl-license-scanning-report.json
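Review bot: The three stub jobs declare report artifacts (`gl-sast-report.json`, `gl-dependency-scanning-report.json`, `gl-license-scanning-report.json`) that their `echo "Skipped"` scripts never write, and nothing in the file says this is intentional. A header comment such as `# Analyzer scripts are stubbed on purpose: no real scan runs and no report file is produced` would keep a reader from mistaking this fixture for a working scan configuration. Which spec consumes the file is not visible on this page, so confirm that nothing downstream expects the reports to exist.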
...@@ -8,6 +8,10 @@ module QA ...@@ -8,6 +8,10 @@ module QA
include QA::Page::Component::Select2 include QA::Page::Component::Select2
include QA::Page::Settings::Common include QA::Page::Settings::Common
view 'app/assets/javascripts/security_configuration/components/app.vue' do
element :security_configuration_history_link
end
view 'app/assets/javascripts/security_configuration/components/feature_card.vue' do view 'app/assets/javascripts/security_configuration/components/feature_card.vue' do
element :dependency_scanning_status, "`${feature.type}_status`" # rubocop:disable QA/ElementWithPattern element :dependency_scanning_status, "`${feature.type}_status`" # rubocop:disable QA/ElementWithPattern
element :sast_status, "`${feature.type}_status`" # rubocop:disable QA/ElementWithPattern element :sast_status, "`${feature.type}_status`" # rubocop:disable QA/ElementWithPattern
...@@ -15,6 +19,22 @@ module QA ...@@ -15,6 +19,22 @@ module QA
element :dependency_scanning_mr_button, "`${feature.type}_mr_button`" # rubocop:disable QA/ElementWithPattern element :dependency_scanning_mr_button, "`${feature.type}_mr_button`" # rubocop:disable QA/ElementWithPattern
end end
view 'app/assets/javascripts/security_configuration/components/auto_dev_ops_alert.vue' do
element :autodevops_container
end
def has_security_configuration_history_link?
has_element?(:security_configuration_history_link)
end
def has_no_security_configuration_history_link?
has_no_element?(:security_configuration_history_link)
end
def click_security_configuration_history_link
click_element(:security_configuration_history_link)
end
def click_sast_enable_button def click_sast_enable_button
click_element(:sast_enable_button) click_element(:sast_enable_button)
end end
...@@ -29,11 +49,37 @@ module QA ...@@ -29,11 +49,37 @@ module QA
end end
end end
def has_no_sast_status?(status_text)
within_element(:sast_status) do
has_no_text?(status_text)
end
end
def has_dependency_scanning_status?(status_text) def has_dependency_scanning_status?(status_text)
within_element(:dependency_scanning_status) do within_element(:dependency_scanning_status) do
has_text?(status_text) has_text?(status_text)
end end
end end
def has_no_dependency_scanning_status?(status_text)
within_element(:dependency_scanning_status) do
has_no_text?(status_text)
end
end
def has_auto_devops_container?
has_element?(:autodevops_container)
end
def has_no_auto_devops_container?
has_no_element?(:autodevops_container)
end
def has_auto_devops_container_description?
within_element(:autodevops_container) do
has_text?('Quickly enable all continuous testing and compliance tools by enabling Auto DevOps')
end
end
end end
end end
end end
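Review bot: `has_auto_devops_container_description?` pins the full English sentence `'Quickly enable all continuous testing and compliance tools by enabling Auto DevOps'` as a literal, while the alert renders its text from `$options.i18n.body`. Any copy edit to that message would then fail the spec for a reason unrelated to the feature. Matching a shorter stable fragment, or hoisting the text into a named constant beside the `view ... auto_dev_ops_alert.vue` declaration, would keep that maintenance in one place. The new `has_no_sast_status?` and `has_no_dependency_scanning_status?` run `has_no_text?` inside `within_element`, so they presumably still need the status element to be present. A one-line comment saying they assert absent text, not an absent element, would help.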
......
# frozen_string_literal: true # frozen_string_literal: true
module QA module QA
RSpec.describe 'Secure' do RSpec.describe 'Secure', :aggregate_failures do
context 'Enable Scanning from UI' do context 'Enable Scanning from UI' do
let(:test_data_sast_string_fields_array) do let(:test_data_sast_string_fields_array) do
[ [
...@@ -53,20 +53,13 @@ module QA ...@@ -53,20 +53,13 @@ module QA
describe 'enable dependency scanning from configuration' do describe 'enable dependency scanning from configuration' do
it 'runs dependency scanning job when enabled from configuration', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347621' do it 'runs dependency scanning job when enabled from configuration', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347621' do
Flow::Pipeline.visit_latest_pipeline
# Baseline that we do not initially have a Dependency Scanning job
Page::Project::Pipeline::Show.perform do |pipeline|
aggregate_failures "test Dependency Scanning jobs are not present in pipeline" do
expect(pipeline).to have_no_job('gemnasium-dependency_scanning')
expect(pipeline).to have_no_job('bundler-audit-dependency_scanning')
end
end
Page::Project::Menu.perform(&:click_on_security_configuration_link) Page::Project::Menu.perform(&:click_on_security_configuration_link)
Page::Project::Secure::ConfigurationForm.perform do |config_form| Page::Project::Secure::ConfigurationForm.perform do |config_form|
expect(config_form).to have_dependency_scanning_status('Not enabled') expect(config_form).to have_dependency_scanning_status('Not enabled')
expect(config_form).to have_auto_devops_container
expect(config_form).to have_auto_devops_container_description
expect(config_form).to have_no_security_configuration_history_link
config_form.click_dependency_scanning_mr_button config_form.click_dependency_scanning_mr_button
end end
...@@ -83,36 +76,48 @@ module QA ...@@ -83,36 +76,48 @@ module QA
Flow::Pipeline.visit_latest_pipeline Flow::Pipeline.visit_latest_pipeline
Page::Project::Pipeline::Show.perform do |pipeline| Page::Project::Pipeline::Show.perform do |pipeline|
aggregate_failures "test Dependency Scanning jobs are present in pipeline" do expect(pipeline).to have_job('gemnasium-dependency_scanning')
expect(pipeline).to have_job('gemnasium-dependency_scanning') expect(pipeline).to have_job('bundler-audit-dependency_scanning')
expect(pipeline).to have_job('bundler-audit-dependency_scanning')
end
end end
Page::Project::Menu.perform(&:click_on_security_configuration_link) Page::Project::Menu.perform(&:click_on_security_configuration_link)
Page::Project::Secure::ConfigurationForm.perform do |config_form| Page::Project::Secure::ConfigurationForm.perform do |config_form|
aggregate_failures "test Dependency Scanning status is Enabled" do expect(config_form).to have_dependency_scanning_status('Enabled')
expect(config_form).to have_dependency_scanning_status('Enabled') expect(config_form).to have_no_dependency_scanning_status('Not enabled')
expect(config_form).not_to have_dependency_scanning_status('Not enabled') expect(config_form).to have_security_configuration_history_link
end expect(config_form).to have_no_auto_devops_container
config_form.click_security_configuration_history_link
end
Page::File::Show.perform do |file_page|
expect(file_page).to have_content('template: Security/Dependency-Scanning.gitlab-ci.yml')
end end
end end
end end
describe 'enable sast from configuration' do describe 'enable sast from configuration' do
it 'runs sast job when enabled from configuration', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347685' do def sast_config_expects(current_page, sast_string_fields, sast_int_fields)
Flow::Pipeline.visit_latest_pipeline expect(current_page).to have_file('.gitlab-ci.yml')
sast_string_fields.each do |field_type, field_value|
# Baseline that we do not initially have a sast job expect(current_page).to have_content("#{field_type}: #{field_value}")
Page::Project::Pipeline::Show.perform do |pipeline|
expect(pipeline).to have_no_job('brakeman-sast')
end end
sast_int_fields.each do |field_type, field_value|
expect(current_page).to have_content("#{field_type}: '#{field_value}'")
end
expect(current_page).to have_content("stage: #{test_stage_name}")
expect(current_page).to have_content("SAST_EXCLUDED_ANALYZERS: #{test_data_checkbox_exclude_array.join(', ')}")
end
it 'runs sast job when enabled from configuration', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347685' do
Page::Project::Menu.perform(&:click_on_security_configuration_link) Page::Project::Menu.perform(&:click_on_security_configuration_link)
Page::Project::Secure::ConfigurationForm.perform do |config_form| Page::Project::Secure::ConfigurationForm.perform do |config_form|
expect(config_form).to have_sast_status('Not enabled') expect(config_form).to have_sast_status('Not enabled')
expect(config_form).to have_auto_devops_container
expect(config_form).to have_auto_devops_container_description
expect(config_form).to have_no_security_configuration_history_link
config_form.click_sast_enable_button config_form.click_sast_enable_button
config_form.click_expand_button config_form.click_expand_button
...@@ -136,17 +141,7 @@ module QA ...@@ -136,17 +141,7 @@ module QA
new_merge_request.click_diffs_tab new_merge_request.click_diffs_tab
aggregate_failures "test Merge Request contents" do sast_config_expects(new_merge_request, test_data_sast_string_fields_array, test_data_int_fields_array)
expect(new_merge_request).to have_file('.gitlab-ci.yml')
test_data_sast_string_fields_array.each do |test_data_string_array|
expect(new_merge_request).to have_content("#{test_data_string_array.first}: #{test_data_string_array[1]}")
end
test_data_int_fields_array.each do |test_data_int_array|
expect(new_merge_request).to have_content("#{test_data_int_array.first}: '#{test_data_int_array[1]}'")
end
expect(new_merge_request).to have_content("stage: #{test_stage_name}")
expect(new_merge_request).to have_content("SAST_EXCLUDED_ANALYZERS: #{test_data_checkbox_exclude_array.join(', ')}")
end
new_merge_request.create_merge_request new_merge_request.create_merge_request
end end
...@@ -164,10 +159,16 @@ module QA ...@@ -164,10 +159,16 @@ module QA
Page::Project::Menu.perform(&:click_on_security_configuration_link) Page::Project::Menu.perform(&:click_on_security_configuration_link)
Page::Project::Secure::ConfigurationForm.perform do |config_form| Page::Project::Secure::ConfigurationForm.perform do |config_form|
aggregate_failures "test SAST status is Enabled" do expect(config_form).to have_sast_status('Enabled')
expect(config_form).to have_sast_status('Enabled') expect(config_form).to have_no_sast_status('Not enabled')
expect(config_form).not_to have_sast_status('Not enabled') expect(config_form).to have_security_configuration_history_link
end expect(config_form).to have_no_auto_devops_container
config_form.click_security_configuration_history_link
end
Page::File::Show.perform do |file_page|
sast_config_expects(file_page, test_data_sast_string_fields_array, test_data_int_fields_array)
end end
end end
end end
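Review bot: `sast_config_expects` takes the page and the two field arrays as arguments but reads `test_stage_name` and `test_data_checkbox_exclude_array` implicitly from the enclosing example group, so its inputs are only half visible at the call sites. It is also called with two different page objects, `new_merge_request` and the `file_page` from `Page::File::Show`, so both must answer `has_file?` and `has_content?`. Whether `Page::File::Show` does is not visible here. A comment above the `def` would document that contract, for example `# current_page: any page object responding to has_file? and has_content?; also uses the test_stage_name and test_data_checkbox_exclude_array lets`.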
......
...@@ -5,6 +5,7 @@ module QA ...@@ -5,6 +5,7 @@ module QA
module Matchers module Matchers
module HaveMatcher module HaveMatcher
PREDICATE_TARGETS = %w[ PREDICATE_TARGETS = %w[
auto_devops_container
element element
file_content file_content
assignee assignee
...@@ -17,6 +18,8 @@ module QA ...@@ -17,6 +18,8 @@ module QA
package package
pipeline pipeline
related_issue_item related_issue_item
sast_status
security_configuration_history_link
snippet_description snippet_description
tag tag
label label
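Review bot: These hunks add `sast_status` to `PREDICATE_TARGETS` but show no `dependency_scanning_status` entry, although the spec now calls both `have_no_sast_status` and `have_no_dependency_scanning_status`. The list continues on lines outside both hunks, so the entry may already be there. If it is not, the two scanner checks would presumably go through different matcher paths, and adding `dependency_scanning_status` alongside `sast_status` would keep them consistent.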
......