Enable on-demand DAST scan feature flag by default

Enables security_on_demand_scans_feature_flag by default.

ee/app/graphql/ee/types/project_type.rb

@@ -17,7 +17,7 @@ module EE
             null: true,
             description: 'The DAST scanner profiles associated with the project',
             resolve: -> (project, _args, _ctx) do
-              return DastScannerProfile.none unless ::Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+              return DastScannerProfile.none unless ::Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
               project.dast_scanner_profiles
             end

ee/app/graphql/mutations/dast_on_demand_scans/create.rb

@@ -25,7 +25,7 @@ module Mutations
 
       def resolve(full_path:, dast_site_profile_id:)
         project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
         dast_site_profile = find_dast_site_profile(project: project, dast_site_profile_id: dast_site_profile_id)
         dast_site = dast_site_profile.dast_site

ee/app/graphql/mutations/dast_scanner_profiles/create.rb

@@ -31,7 +31,7 @@ module Mutations
 
       def resolve(full_path:, profile_name:, spider_timeout: nil, target_timeout: nil)
         project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
         service = ::DastScannerProfiles::CreateService.new(project, current_user)
         result = service.execute(name: profile_name, spider_timeout: spider_timeout, target_timeout: target_timeout)

ee/app/graphql/mutations/dast_site_profiles/create.rb

@@ -27,7 +27,7 @@ module Mutations
 
       def resolve(full_path:, profile_name:, target_url: nil)
         project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
         service = ::DastSiteProfiles::CreateService.new(project, current_user)
         result = service.execute(name: profile_name, target_url: target_url)

ee/app/graphql/mutations/dast_site_profiles/delete.rb

@@ -19,7 +19,7 @@ module Mutations
 
       def resolve(full_path:, id:)
         project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
         dast_site_profile = find_dast_site_profile(project: project, global_id: id)
         return { errors: dast_site_profile.errors.full_messages } unless dast_site_profile.destroy

ee/app/graphql/mutations/dast_site_profiles/update.rb

@@ -31,7 +31,7 @@ module Mutations
 
       def resolve(full_path:, **service_args)
         project = authorized_find!(full_path: full_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
         service = ::DastSiteProfiles::UpdateService.new(project, current_user)
         result = service.execute(service_args)

ee/app/graphql/mutations/pipelines/run_dast_scan.rb

@@ -31,7 +31,7 @@ module Mutations
 
       def resolve(project_path:, target_url:, branch:, scan_type:)
         project = authorized_find!(full_path: project_path)
-        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
+        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true)
 
         service = Ci::RunDastScanService.new(project, current_user)
         result = service.execute(branch: branch, target_url: target_url)

ee/app/policies/ee/project_policy.rb

@@ -137,7 +137,7 @@ module EE
 
       with_scope :subject
       condition(:on_demand_scans_enabled) do
-        ::Feature.enabled?(:security_on_demand_scans_feature_flag, project) &&
+        ::Feature.enabled?(:security_on_demand_scans_feature_flag, project, default_enabled: true) &&
         @subject.feature_available?(:security_on_demand_scans)
       end
 

ee/changelogs/unreleased/default-on-demand-dast-scan-feature-to-true-235105.yml

+---
+title: Enable on-demand DAST scan feature flag by default
+merge_request: 39411
+author:
+type: added

ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml

+---
+name: security_on_demand_scans_feature_flag
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32994
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/237796
+group: group::dynamic analysis
+type: development
+default_enabled: true