Update feature specs

* Add a test case for when configure_iac_scanning_via_mr is disabled.
* Add a test case for enabling IaC Scanning.

ee/spec/features/projects/security/user_views_security_configuration_spec.rb

@@ -17,7 +17,7 @@ RSpec.describe 'User sees Security Configuration table', :js do
 
   context 'with security_dashboard feature available' do
     before do
-      stub_licensed_features(security_dashboard: true, sast: true, dast: true)
+      stub_licensed_features(security_dashboard: true, sast: true, sast_iac: true, dast: true)
     end
 
     context 'with no SAST report' do
@@ -48,6 +48,23 @@ RSpec.describe 'User sees Security Configuration table', :js do
       end
     end
 
+    context 'enabling SAST IaC' do
+      it 'redirects to new MR page' do
+        visit(project_security_configuration_path(project))
+
+        within_sast_iac_card do
+          expect(page).to have_text('Infrastructure as Code (IaC) Scanning')
+          expect(page).to have_text('Not enabled')
+          expect(page).to have_button('Configure via Merge Request')
+
+          click_button 'Configure via Merge Request'
+          wait_for_requests
+
+          expect(current_path).to eq(project_new_merge_request_path(project))
+        end
+      end
+    end
+
     context 'with no DAST report' do
       it 'shows DAST is not enabled' do
         visit(project_security_configuration_path(project))
@@ -74,6 +91,22 @@ RSpec.describe 'User sees Security Configuration table', :js do
           expect(page).to have_link('Configure DAST')
         end
       end
+
+      context 'with configure_iac_scanning_via_mr feature flag off' do
+        before do
+          stub_feature_flags(configure_iac_scanning_via_mr: false)
+        end
+
+        it 'shows DAST is enabled' do
+          visit(project_security_configuration_path(project))
+
+          within '[data-testid="security-testing-card"]:nth-of-type(2)' do
+            expect(page).to have_text('DAST')
+            expect(page).to have_text('Enabled')
+            expect(page).to have_link('Configure DAST')
+          end
+        end
+      end
     end
   end
 
@@ -83,6 +116,12 @@ RSpec.describe 'User sees Security Configuration table', :js do
     end
   end
 
+  def within_sast_iac_card
+    within '[data-testid="security-testing-card"]:nth-of-type(2)' do
+      yield
+    end
+  end
+
   def within_dast_card
     within '[data-testid="security-testing-card"]:nth-of-type(3)' do
       yield