Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c08b79f7
Commit
c08b79f7
authored
Oct 04, 2021
by
Sam White
Committed by
Illya Klymov
Oct 04, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Remove job dependency for license-check
parent
ba24ccf6
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
20 additions
and
120 deletions
+20
-120
doc/user/compliance/license_compliance/index.md
doc/user/compliance/license_compliance/index.md
+4
-0
ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rule.vue
...nts/security_configuration/unconfigured_security_rule.vue
+6
-21
ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rules.vue
...ts/security_configuration/unconfigured_security_rules.vue
+2
-22
ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rule_spec.js
...security_configuration/unconfigured_security_rule_spec.js
+8
-31
ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rules_spec.js
...ecurity_configuration/unconfigured_security_rules_spec.js
+0
-37
locale/gitlab.pot
locale/gitlab.pot
+0
-9
No files found.
doc/user/compliance/license_compliance/index.md
View file @
c08b79f7
...
...
@@ -754,6 +754,10 @@ Developers of the project can view the policies configured in a project.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13067) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3.
Prerequisites:
-
Maintainer or Owner
[
role
](
../../permissions.md#project-members-permissions
)
.
`License-Check`
is a
[
merge request approval
](
../../project/merge_requests/approvals/index.md
)
rule
you can enable to allow an individual or group to approve a merge request that contains a
`denied`
license.
...
...
ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rule.vue
View file @
c08b79f7
...
...
@@ -21,27 +21,7 @@ export default {
<
template
>
<tr>
<!-- Suggested approval rule creation row -->
<template
v-if=
"rule.hasConfiguredJob"
>
<td
class=
"js-name"
colspan=
"4"
>
<rule-name
:name=
"rule.name"
/>
<div
class=
"gl-text-gray-500"
>
<gl-sprintf
:message=
"rule.enableDescription"
>
<template
#link
="
{ content }">
<gl-link
:href=
"rule.docsPath"
target=
"_blank"
>
{{
content
}}
</gl-link>
</
template
>
</gl-sprintf>
</div>
</td>
<td
class=
"gl-px-2! gl-text-right"
>
<gl-button
@
click=
"$emit('enable')"
>
{{ __('Enable') }}
</gl-button>
</td>
</template>
<!-- Approval rule suggestion when lacking appropriate CI job for the rule -->
<td
v-else
class=
"js-name"
colspan=
"5"
>
<td
class=
"js-name"
colspan=
"4"
>
<rule-name
:name=
"rule.name"
/>
<div
class=
"gl-text-gray-500"
>
...
...
@@ -52,5 +32,10 @@ export default {
</gl-sprintf>
</div>
</td>
<td
class=
"gl-px-2! gl-text-right"
>
<gl-button
@
click=
"$emit('enable')"
>
{{ __('Enable') }}
</gl-button>
</td>
</tr>
</template>
ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rules.vue
View file @
c08b79f7
...
...
@@ -4,7 +4,6 @@ import { mapState, mapActions } from 'vuex';
import
{
LICENSE_CHECK_NAME
,
VULNERABILITY_CHECK_NAME
,
REPORT_TYPE_LICENSE_SCANNING
,
COVERAGE_CHECK_NAME
,
}
from
'
ee/approvals/constants
'
;
import
{
s__
}
from
'
~/locale
'
;
...
...
@@ -41,9 +40,6 @@ export default {
{
name
:
VULNERABILITY_CHECK_NAME
,
description
:
s__
(
'
SecurityApprovals|Configurable if security scanners are enabled. %{linkStart}Learn more.%{linkEnd}
'
,
),
enableDescription
:
s__
(
'
SecurityApprovals|Requires approval for vulnerabilities. %{linkStart}Learn more.%{linkEnd}
'
,
),
docsPath
:
this
.
vulnerabilityCheckHelpPagePath
,
...
...
@@ -51,9 +47,6 @@ export default {
{
name
:
LICENSE_CHECK_NAME
,
description
:
s__
(
'
SecurityApprovals|License Scanning must be enabled. %{linkStart}Learn more%{linkEnd}.
'
,
),
enableDescription
:
s__
(
'
SecurityApprovals|Requires approval for Denied licenses. %{linkStart}More information%{linkEnd}
'
,
),
docsPath
:
this
.
licenseCheckHelpPagePath
,
...
...
@@ -61,9 +54,6 @@ export default {
{
name
:
COVERAGE_CHECK_NAME
,
description
:
s__
(
'
SecurityApprovals|Test coverage must be enabled. %{linkStart}Learn more%{linkEnd}.
'
,
),
enableDescription
:
s__
(
'
SecurityApprovals|Requires approval for decreases in test coverage. %{linkStart}Learn more.%{linkEnd}
'
,
),
docsPath
:
this
.
coverageCheckHelpPagePath
,
...
...
@@ -73,10 +63,9 @@ export default {
unconfiguredRules
()
{
return
this
.
securityRules
.
reduce
((
filtered
,
securityRule
)
=>
{
const
hasApprovalRuleDefined
=
this
.
hasApprovalRuleDefined
(
securityRule
);
const
hasConfiguredJob
=
this
.
hasConfiguredJob
(
securityRule
);
if
(
!
hasApprovalRuleDefined
||
!
hasConfiguredJob
)
{
filtered
.
push
({
...
securityRule
,
hasConfiguredJob
});
if
(
!
hasApprovalRuleDefined
)
{
filtered
.
push
({
...
securityRule
});
}
return
filtered
;
},
[]);
...
...
@@ -93,15 +82,6 @@ export default {
return
matchRule
.
name
===
rule
.
name
;
});
},
hasConfiguredJob
(
matchRule
)
{
const
{
features
=
[]
}
=
this
.
configuration
;
return
(
matchRule
.
name
!==
LICENSE_CHECK_NAME
||
features
.
some
((
feature
)
=>
{
return
feature
.
type
===
REPORT_TYPE_LICENSE_SCANNING
&&
feature
.
configured
;
})
);
},
},
};
</
script
>
...
...
ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rule_spec.js
View file @
c08b79f7
...
...
@@ -20,22 +20,19 @@ describe('UnconfiguredSecurityRule component', () => {
const
vulnCheckRule
=
{
name
:
VULNERABILITY_CHECK_NAME
,
description
:
'
vuln-check description without enable button
'
,
enableDescription
:
'
vuln-check description with enable button
'
,
description
:
'
vuln-check description with enable button
'
,
docsPath
:
'
docs/vuln-check
'
,
};
const
licenseCheckRule
=
{
name
:
LICENSE_CHECK_NAME
,
description
:
'
license-check description without enable button
'
,
enableDescription
:
'
license-check description with enable button
'
,
description
:
'
license-check description with enable button
'
,
docsPath
:
'
docs/license-check
'
,
};
const
coverageCheckRule
=
{
name
:
COVERAGE_CHECK_NAME
,
description
:
'
coverage-check description without enable button
'
,
enableDescription
:
'
coverage-check description with enable button
'
,
description
:
'
coverage-check description with enable button
'
,
docsPath
:
'
docs/coverage-check
'
,
};
...
...
@@ -56,13 +53,13 @@ describe('UnconfiguredSecurityRule component', () => {
describe
.
each
`
rule | ruleName | descriptionText
${
licenseCheckRule
}
|
${
licenseCheckRule
.
name
}
|
${
licenseCheckRule
.
enableD
escription
}
${
vulnCheckRule
}
|
${
vulnCheckRule
.
name
}
|
${
vulnCheckRule
.
enableD
escription
}
${
coverageCheckRule
}
|
${
coverageCheckRule
.
name
}
|
${
coverageCheckRule
.
enableD
escription
}
`
(
'
with
a configured job that is eligible for
$ruleName
'
,
({
rule
,
descriptionText
})
=>
{
${
licenseCheckRule
}
|
${
licenseCheckRule
.
name
}
|
${
licenseCheckRule
.
d
escription
}
${
vulnCheckRule
}
|
${
vulnCheckRule
.
name
}
|
${
vulnCheckRule
.
d
escription
}
${
coverageCheckRule
}
|
${
coverageCheckRule
.
name
}
|
${
coverageCheckRule
.
d
escription
}
`
(
'
with $ruleName
'
,
({
rule
,
descriptionText
})
=>
{
beforeEach
(()
=>
{
createWrapper
({
rule
:
{
...
rule
,
hasConfiguredJob
:
true
},
rule
:
{
...
rule
},
});
description
=
findDescription
();
});
...
...
@@ -78,24 +75,4 @@ describe('UnconfiguredSecurityRule component', () => {
expect
(
wrapper
.
emitted
(
'
enable
'
)).
toEqual
([[]]);
});
});
describe
.
each
`
rule | ruleName | descriptionText
${
licenseCheckRule
}
|
${
licenseCheckRule
.
name
}
|
${
licenseCheckRule
.
description
}
${
vulnCheckRule
}
|
${
vulnCheckRule
.
name
}
|
${
vulnCheckRule
.
description
}
${
coverageCheckRule
}
|
${
coverageCheckRule
.
name
}
|
${
coverageCheckRule
.
description
}
`
(
'
with a unconfigured job that is eligible for $ruleName
'
,
({
rule
,
descriptionText
})
=>
{
beforeEach
(()
=>
{
createWrapper
({
rule
:
{
...
rule
,
hasConfiguredJob
:
false
},
});
description
=
findDescription
();
});
it
(
'
should render the row with the decription and no button
'
,
()
=>
{
expect
(
description
.
exists
()).
toBe
(
true
);
expect
(
description
.
text
()).
toBe
(
descriptionText
);
expect
(
findButton
().
exists
()).
toBe
(
false
);
});
});
});
ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rules_spec.js
View file @
c08b79f7
...
...
@@ -3,7 +3,6 @@ import { shallowMount, createLocalVue } from '@vue/test-utils';
import
Vuex
from
'
vuex
'
;
import
UnconfiguredSecurityRule
from
'
ee/approvals/components/security_configuration/unconfigured_security_rule.vue
'
;
import
UnconfiguredSecurityRules
from
'
ee/approvals/components/security_configuration/unconfigured_security_rules.vue
'
;
import
{
VULNERABILITY_CHECK_NAME
,
LICENSE_CHECK_NAME
}
from
'
ee/approvals/constants
'
;
import
{
createStoreOptions
}
from
'
ee/approvals/stores
'
;
import
projectSettingsModule
from
'
ee/approvals/stores/modules/project_settings
'
;
...
...
@@ -57,42 +56,6 @@ describe('UnconfiguredSecurityRules component', () => {
it
(
'
should render a unconfigured-security-rule component for every security rule
'
,
()
=>
{
expect
(
wrapper
.
findAll
(
UnconfiguredSecurityRule
).
length
).
toBe
(
3
);
});
describe
(
'
when license_scanning is set to true
'
,
()
=>
{
beforeEach
(()
=>
{
store
.
state
.
securityConfiguration
.
configuration
=
{
features
:
[{
type
:
'
license_scanning
'
,
configured
:
true
}],
};
});
it
(
'
returns true
'
,
()
=>
{
expect
(
wrapper
.
vm
.
hasConfiguredJob
({
name
:
LICENSE_CHECK_NAME
})).
toBe
(
true
);
});
});
describe
(
'
when license_scanning is set to false
'
,
()
=>
{
beforeEach
(()
=>
{
store
.
state
.
securityConfiguration
.
configuration
=
{
features
:
[{
type
:
'
license_scanning
'
,
configured
:
false
}],
};
});
it
(
'
returns false
'
,
()
=>
{
expect
(
wrapper
.
vm
.
hasConfiguredJob
({
name
:
LICENSE_CHECK_NAME
})).
toBe
(
false
);
});
});
describe
(
'
when all other scanners are set to false
'
,
()
=>
{
beforeEach
(()
=>
{
store
.
state
.
securityConfiguration
.
configuration
=
{
features
:
[{
type
:
'
container_scanning
'
,
configured
:
false
}],
};
});
it
(
'
returns true
'
,
()
=>
{
expect
(
wrapper
.
vm
.
hasConfiguredJob
({
name
:
VULNERABILITY_CHECK_NAME
})).
toBe
(
true
);
});
});
});
describe
.
each
`
...
...
locale/gitlab.pot
View file @
c08b79f7
...
...
@@ -29872,9 +29872,6 @@ msgstr ""
msgid "SecurityApprovals|A merge request approval is required when the license compliance report contains a denied license."
msgstr ""
msgid "SecurityApprovals|Configurable if security scanners are enabled. %{linkStart}Learn more.%{linkEnd}"
msgstr ""
msgid "SecurityApprovals|Coverage-Check"
msgstr ""
...
...
@@ -29887,9 +29884,6 @@ msgstr ""
msgid "SecurityApprovals|Learn more about Vulnerability-Check"
msgstr ""
msgid "SecurityApprovals|License Scanning must be enabled. %{linkStart}Learn more%{linkEnd}."
msgstr ""
msgid "SecurityApprovals|License-Check"
msgstr ""
...
...
@@ -29902,9 +29896,6 @@ msgstr ""
msgid "SecurityApprovals|Requires approval for vulnerabilities. %{linkStart}Learn more.%{linkEnd}"
msgstr ""
msgid "SecurityApprovals|Test coverage must be enabled. %{linkStart}Learn more%{linkEnd}."
msgstr ""
msgid "SecurityApprovals|Vulnerability-Check"
msgstr ""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment