Skip to content

G
gitlab-ce
Commit c08b79f7 authored by Sam White's avatar Sam White Committed by Illya Klymov
Browse files
Options

Remove job dependency for license-check

parent ba24ccf6
Hide whitespace changes
Inline Side-by-side
Showing with 20 additions and 120 deletions
doc/user/compliance/license_compliance/index.md
View file @ c08b79f7
......@@ -754,6 +754,10 @@ Developers of the project can view the policies configured in a project.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13067) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3.
Prerequisites:
- Maintainer or Owner [role](../../permissions.md#project-members-permissions).
`License-Check` is a [merge request approval](../../project/merge_requests/approvals/index.md) rule
you can enable to allow an individual or group to approve a merge request that contains a `denied`
license.
......
ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rule.vue
View file @ c08b79f7
......@@ -21,27 +21,7 @@ export default {
<template>
<tr>
<!-- Suggested approval rule creation row -->
<template v-if="rule.hasConfiguredJob">
<td class="js-name" colspan="4">
<rule-name :name="rule.name" />
<div class="gl-text-gray-500">
<gl-sprintf :message="rule.enableDescription">
<template #link="{ content }">
<gl-link :href="rule.docsPath" target="_blank">{{ content }}</gl-link>
</template>
</gl-sprintf>
</div>
</td>
<td class="gl-px-2! gl-text-right">
<gl-button @click="$emit('enable')">
{{ __('Enable') }}
</gl-button>
</td>
</template>
<!-- Approval rule suggestion when lacking appropriate CI job for the rule -->
<td v-else class="js-name" colspan="5">
<td class="js-name" colspan="4">
<rule-name :name="rule.name" />
<div class="gl-text-gray-500">
......@@ -52,5 +32,10 @@ export default {
</gl-sprintf>
</div>
</td>
<td class="gl-px-2! gl-text-right">
<gl-button @click="$emit('enable')">
{{ __('Enable') }}
</gl-button>
</td>
</tr>
</template>
ee/app/assets/javascripts/approvals/components/security_configuration/unconfigured_security_rules.vue
View file @ c08b79f7
......@@ -4,7 +4,6 @@ import { mapState, mapActions } from 'vuex';
import {
LICENSE_CHECK_NAME,
VULNERABILITY_CHECK_NAME,
REPORT_TYPE_LICENSE_SCANNING,
COVERAGE_CHECK_NAME,
} from 'ee/approvals/constants';
import { s__ } from '~/locale';
......@@ -41,9 +40,6 @@ export default {
{
name: VULNERABILITY_CHECK_NAME,
description: s__(
'SecurityApprovals|Configurable if security scanners are enabled. %{linkStart}Learn more.%{linkEnd}',
),
enableDescription: s__(
'SecurityApprovals|Requires approval for vulnerabilities. %{linkStart}Learn more.%{linkEnd}',
),
docsPath: this.vulnerabilityCheckHelpPagePath,
......@@ -51,9 +47,6 @@ export default {
{
name: LICENSE_CHECK_NAME,
description: s__(
'SecurityApprovals|License Scanning must be enabled. %{linkStart}Learn more%{linkEnd}.',
),
enableDescription: s__(
'SecurityApprovals|Requires approval for Denied licenses. %{linkStart}More information%{linkEnd}',
),
docsPath: this.licenseCheckHelpPagePath,
......@@ -61,9 +54,6 @@ export default {
{
name: COVERAGE_CHECK_NAME,
description: s__(
'SecurityApprovals|Test coverage must be enabled. %{linkStart}Learn more%{linkEnd}.',
),
enableDescription: s__(
'SecurityApprovals|Requires approval for decreases in test coverage. %{linkStart}Learn more.%{linkEnd}',
),
docsPath: this.coverageCheckHelpPagePath,
......@@ -73,10 +63,9 @@ export default {
unconfiguredRules() {
return this.securityRules.reduce((filtered, securityRule) => {
const hasApprovalRuleDefined = this.hasApprovalRuleDefined(securityRule);
const hasConfiguredJob = this.hasConfiguredJob(securityRule);
if (!hasApprovalRuleDefined || !hasConfiguredJob) {
filtered.push({ ...securityRule, hasConfiguredJob });
if (!hasApprovalRuleDefined) {
filtered.push({ ...securityRule });
}
return filtered;
}, []);
......@@ -93,15 +82,6 @@ export default {
return matchRule.name === rule.name;
});
},
hasConfiguredJob(matchRule) {
const { features = [] } = this.configuration;
return (
matchRule.name !== LICENSE_CHECK_NAME ||
features.some((feature) => {
return feature.type === REPORT_TYPE_LICENSE_SCANNING && feature.configured;
})
);
},
},
};
</script>
......
ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rule_spec.js
View file @ c08b79f7
......@@ -20,22 +20,19 @@ describe('UnconfiguredSecurityRule component', () => {
const vulnCheckRule = {
name: VULNERABILITY_CHECK_NAME,
description: 'vuln-check description without enable button',
enableDescription: 'vuln-check description with enable button',
description: 'vuln-check description with enable button',
docsPath: 'docs/vuln-check',
};
const licenseCheckRule = {
name: LICENSE_CHECK_NAME,
description: 'license-check description without enable button',
enableDescription: 'license-check description with enable button',
description: 'license-check description with enable button',
docsPath: 'docs/license-check',
};
const coverageCheckRule = {
name: COVERAGE_CHECK_NAME,
description: 'coverage-check description without enable button',
enableDescription: 'coverage-check description with enable button',
description: 'coverage-check description with enable button',
docsPath: 'docs/coverage-check',
};
......@@ -56,13 +53,13 @@ describe('UnconfiguredSecurityRule component', () => {
describe.each`
rule | ruleName | descriptionText
${licenseCheckRule} | ${licenseCheckRule.name} | ${licenseCheckRule.enableDescription}
${vulnCheckRule} | ${vulnCheckRule.name} | ${vulnCheckRule.enableDescription}
${coverageCheckRule} | ${coverageCheckRule.name} | ${coverageCheckRule.enableDescription}
`('with a configured job that is eligible for $ruleName', ({ rule, descriptionText }) => {
${licenseCheckRule} | ${licenseCheckRule.name} | ${licenseCheckRule.description}
${vulnCheckRule} | ${vulnCheckRule.name} | ${vulnCheckRule.description}
${coverageCheckRule} | ${coverageCheckRule.name} | ${coverageCheckRule.description}
`('with $ruleName', ({ rule, descriptionText }) => {
beforeEach(() => {
createWrapper({
rule: { ...rule, hasConfiguredJob: true },
rule: { ...rule },
});
description = findDescription();
});
......@@ -78,24 +75,4 @@ describe('UnconfiguredSecurityRule component', () => {
expect(wrapper.emitted('enable')).toEqual([[]]);
});
});
describe.each`
rule | ruleName | descriptionText
${licenseCheckRule} | ${licenseCheckRule.name} | ${licenseCheckRule.description}
${vulnCheckRule} | ${vulnCheckRule.name} | ${vulnCheckRule.description}
${coverageCheckRule} | ${coverageCheckRule.name} | ${coverageCheckRule.description}
`('with a unconfigured job that is eligible for $ruleName', ({ rule, descriptionText }) => {
beforeEach(() => {
createWrapper({
rule: { ...rule, hasConfiguredJob: false },
});
description = findDescription();
});
it('should render the row with the decription and no button', () => {
expect(description.exists()).toBe(true);
expect(description.text()).toBe(descriptionText);
expect(findButton().exists()).toBe(false);
});
});
});
ee/spec/frontend/approvals/components/security_configuration/unconfigured_security_rules_spec.js
View file @ c08b79f7
......@@ -3,7 +3,6 @@ import { shallowMount, createLocalVue } from '@vue/test-utils';
import Vuex from 'vuex';
import UnconfiguredSecurityRule from 'ee/approvals/components/security_configuration/unconfigured_security_rule.vue';
import UnconfiguredSecurityRules from 'ee/approvals/components/security_configuration/unconfigured_security_rules.vue';
import { VULNERABILITY_CHECK_NAME, LICENSE_CHECK_NAME } from 'ee/approvals/constants';
import { createStoreOptions } from 'ee/approvals/stores';
import projectSettingsModule from 'ee/approvals/stores/modules/project_settings';
......@@ -57,42 +56,6 @@ describe('UnconfiguredSecurityRules component', () => {
it('should render a unconfigured-security-rule component for every security rule ', () => {
expect(wrapper.findAll(UnconfiguredSecurityRule).length).toBe(3);
});
describe('when license_scanning is set to true', () => {
beforeEach(() => {
store.state.securityConfiguration.configuration = {
features: [{ type: 'license_scanning', configured: true }],
};
});
it('returns true', () => {
expect(wrapper.vm.hasConfiguredJob({ name: LICENSE_CHECK_NAME })).toBe(true);
});
});
describe('when license_scanning is set to false', () => {
beforeEach(() => {
store.state.securityConfiguration.configuration = {
features: [{ type: 'license_scanning', configured: false }],
};
});
it('returns false', () => {
expect(wrapper.vm.hasConfiguredJob({ name: LICENSE_CHECK_NAME })).toBe(false);
});
});
describe('when all other scanners are set to false', () => {
beforeEach(() => {
store.state.securityConfiguration.configuration = {
features: [{ type: 'container_scanning', configured: false }],
};
});
it('returns true', () => {
expect(wrapper.vm.hasConfiguredJob({ name: VULNERABILITY_CHECK_NAME })).toBe(true);
});
});
});
describe.each`
......
locale/gitlab.pot
View file @ c08b79f7
......@@ -29872,9 +29872,6 @@ msgstr ""
msgid "SecurityApprovals|A merge request approval is required when the license compliance report contains a denied license."
msgstr ""
msgid "SecurityApprovals|Configurable if security scanners are enabled. %{linkStart}Learn more.%{linkEnd}"
msgstr ""
msgid "SecurityApprovals|Coverage-Check"
msgstr ""
......@@ -29887,9 +29884,6 @@ msgstr ""
msgid "SecurityApprovals|Learn more about Vulnerability-Check"
msgstr ""
msgid "SecurityApprovals|License Scanning must be enabled. %{linkStart}Learn more%{linkEnd}."
msgstr ""
msgid "SecurityApprovals|License-Check"
msgstr ""
......@@ -29902,9 +29896,6 @@ msgstr ""
msgid "SecurityApprovals|Requires approval for vulnerabilities. %{linkStart}Learn more.%{linkEnd}"
msgstr ""
msgid "SecurityApprovals|Test coverage must be enabled. %{linkStart}Learn more%{linkEnd}."
msgstr ""
msgid "SecurityApprovals|Vulnerability-Check"
msgstr ""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7