Merge branch 'remove_dependency_for_vulnerability_check' into 'master'

Remove job dependency for Vulnerability-Check

See merge request gitlab-org/gitlab!64333

doc/user/application_security/index.md

@@ -209,7 +209,6 @@ request contains a denied license. For more details, see [Enabling license appro
 
 Prerequisites:
 
-- At least one [security scanner job](#security-scanning-tools) must be enabled.
 - Maintainer or Owner [role](../permissions.md#project-members-permissions).
 
 For this approval group, you must set the number of approvals required to greater than zero.

ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rules.vue

 <script>
 import { GlDeprecatedSkeletonLoading as GlSkeletonLoading } from '@gitlab/ui';
-import { camelCase } from 'lodash';
 import { mapState, mapActions } from 'vuex';
-import { LICENSE_CHECK_NAME, VULNERABILITY_CHECK_NAME, JOB_TYPES } from 'ee/approvals/constants';
+import {
+  LICENSE_CHECK_NAME,
+  VULNERABILITY_CHECK_NAME,
+  LICENSE_SCANNING,
+} from 'ee/approvals/constants';
 import { s__ } from '~/locale';
 import UnconfiguredSecurityRule from './unconfigured_security_rule.vue';
 
@@ -21,16 +24,6 @@ export default {
       default: '',
     },
   },
-  featureTypes: {
-    vulnerabilityCheck: [
-      JOB_TYPES.SAST,
-      JOB_TYPES.DAST,
-      JOB_TYPES.DEPENDENCY_SCANNING,
-      JOB_TYPES.SECRET_DETECTION,
-      JOB_TYPES.COVERAGE_FUZZING,
-    ],
-    licenseCheck: [JOB_TYPES.LICENSE_SCANNING],
-  },
   computed: {
     ...mapState('securityConfiguration', ['configuration']),
     ...mapState({
@@ -90,11 +83,12 @@ export default {
     },
     hasConfiguredJob(matchRule) {
       const { features = [] } = this.configuration;
-      return this.$options.featureTypes[camelCase(matchRule.name)].some((featureType) => {
-        return features.some((feature) => {
-          return feature.type === featureType && feature.configured;
-        });
-      });
+      return (
+        matchRule.name !== LICENSE_CHECK_NAME ||
+        features.some((feature) => {
+          return feature.type === LICENSE_SCANNING && feature.configured;
+        })
+      );
     },
   },
 };

ee/app/assets/javascripts/approvals/constants.js

@@ -20,14 +20,7 @@ export const RULE_NAME_ANY_APPROVER = 'All Members';
 export const VULNERABILITY_CHECK_NAME = 'Vulnerability-Check';
 export const LICENSE_CHECK_NAME = 'License-Check';
 
-export const JOB_TYPES = {
-  SAST: 'sast',
-  DAST: 'dast',
-  DEPENDENCY_SCANNING: 'dependency_scanning',
-  SECRET_DETECTION: 'secret_detection',
-  COVERAGE_FUZZING: 'coverage_fuzzing',
-  LICENSE_SCANNING: 'license_scanning',
-};
+export const LICENSE_SCANNING = 'license_scanning';
 
 export const APPROVAL_RULE_CONFIGS = {
   [VULNERABILITY_CHECK_NAME]: {

ee/app/helpers/ee/projects_helper.rb

@@ -79,7 +79,7 @@ module EE
           'eligible_approvers_docs_path': help_page_path('user/project/merge_requests/approvals/rules', anchor: 'eligible-approvers'),
           'security_approvals_help_page_path': help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
           'security_configuration_path': project_security_configuration_path(project),
-          'vulnerability_check_help_page_path': help_page_path('user/application_security/index', anchor: 'enabling-security-approvals-within-a-project'),
+          'vulnerability_check_help_page_path': help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
           'license_check_help_page_path': help_page_path('user/application_security/index', anchor: 'enabling-license-approvals-within-a-project')
         }
       }

ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rules_spec.js

@@ -56,6 +56,42 @@ describe('UnconfiguredSecurityRules component', () => {
     it('should render a unconfigured-security-rule component for every security rule ', () => {
       expect(wrapper.findAll(UnconfiguredSecurityRule).length).toBe(2);
     });
+
+    describe('when license_scanning is set to true', () => {
+      beforeEach(() => {
+        store.state.securityConfiguration.configuration = {
+          features: [{ type: 'license_scanning', configured: true }],
+        };
+      });
+
+      it('returns true', () => {
+        expect(wrapper.vm.hasConfiguredJob({ name: 'License-Check' })).toBe(true);
+      });
+    });
+
+    describe('when license_scanning is set to false', () => {
+      beforeEach(() => {
+        store.state.securityConfiguration.configuration = {
+          features: [{ type: 'license_scanning', configured: false }],
+        };
+      });
+
+      it('returns false', () => {
+        expect(wrapper.vm.hasConfiguredJob({ name: 'License-Check' })).toBe(false);
+      });
+    });
+
+    describe('when all other scanners are set to false', () => {
+      beforeEach(() => {
+        store.state.securityConfiguration.configuration = {
+          features: [{ type: 'container_scanning', configured: false }],
+        };
+      });
+
+      it('returns true', () => {
+        expect(wrapper.vm.hasConfiguredJob({ name: 'Vulnerability-Check' })).toBe(true);
+      });
+    });
   });
 
   describe.each`

ee/spec/helpers/projects_helper_spec.rb

@@ -378,7 +378,7 @@ RSpec.describe ProjectsHelper do
         eligible_approvers_docs_path: help_page_path('user/project/merge_requests/approvals/rules', anchor: 'eligible-approvers'),
         security_approvals_help_page_path: help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
         security_configuration_path: project_security_configuration_path(project),
-        vulnerability_check_help_page_path: help_page_path('user/application_security/index', anchor: 'enabling-security-approvals-within-a-project'),
+        vulnerability_check_help_page_path: help_page_path('user/application_security/index', anchor: 'security-approvals-in-merge-requests'),
         license_check_help_page_path: help_page_path('user/application_security/index', anchor: 'enabling-license-approvals-within-a-project')
       })
     end