Use existing scanner profiles in on-demand scans

Added the ability to select existing DAST scanner profiles when running an on-demand DAST scan. This currently requires the securityOnDemandScansScannerProfiles feature flag to be enabled.

Use existing scanner profiles in on-demand scans
Added the ability to select existing DAST scanner profiles when running an on-demand DAST scan. This currently requires the securityOnDemandScansScannerProfiles feature flag to be enabled.
dd40f342 · Paul Gascou-Vaillancourt · aa96300a · dd40f342 · dd40f342 · aa96300a
Commit dd40f342 authored Aug 25, 2020 by Paul Gascou-Vaillancourt
11 changed files
--- a/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_app.vue
+++ b/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_app.vue
@@ -25,14 +25,6 @@ export default {
      type: String,
      required: true,
    },
-    profilesLibraryPath: {
-      type: String,
-      required: true,
-    },
-    newSiteProfilePath: {
-      type: String,
-      required: true,
-    },
  },
  data() {
    return {
@@ -49,8 +41,6 @@ export default {
        :help-page-path="helpPagePath"
        :project-path="projectPath"
        :default-branch="defaultBranch"
-        :profiles-library-path="profilesLibraryPath"
-        :new-site-profile-path="newSiteProfilePath"
        @cancel="showForm = false"
      />
    </template>

--- a/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_form.vue
+++ b/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_form.vue
--- a/ee/app/assets/javascripts/on_demand_scans/constants.js
+++ b/ee/app/assets/javascripts/on_demand_scans/constants.js
-export const SCAN_TYPES = {
-  PASSIVE: 'PASSIVE',
-};
--- a/ee/app/assets/javascripts/on_demand_scans/graphql/dast_on_demand_scan_create.mutation.graphql
+++ b/ee/app/assets/javascripts/on_demand_scans/graphql/dast_on_demand_scan_create.mutation.graphql
-mutation dastOnDemandScanCreate($fullPath: ID!, $dastSiteProfileId: DastSiteProfileID!) {
-  dastOnDemandScanCreate(input: { fullPath: $fullPath, dastSiteProfileId: $dastSiteProfileId }) {
+mutation dastOnDemandScanCreate(
+  $fullPath: ID!
+  $dastScannerProfileId: DastScannerProfileID
+  $dastSiteProfileId: DastSiteProfileID!
+) {
+  dastOnDemandScanCreate(
+    input: {
+      fullPath: $fullPath
+      dastScannerProfileId: $dastScannerProfileId
+      dastSiteProfileId: $dastSiteProfileId
+    }
+  ) {
    pipelineUrl
    errors
  }

--- a/ee/app/assets/javascripts/on_demand_scans/index.js
+++ b/ee/app/assets/javascripts/on_demand_scans/index.js
@@ -13,13 +13,21 @@ export default () => {
    emptyStateSvgPath,
    projectPath,
    defaultBranch,
-    profilesLibraryPath,
+    scannerProfilesLibraryPath,
+    siteProfilesLibraryPath,
    newSiteProfilePath,
+    newScannerProfilePath,
  } = el.dataset;

  return new Vue({
    el,
    apolloProvider,
+    provide: {
+      scannerProfilesLibraryPath,
+      siteProfilesLibraryPath,
+      newScannerProfilePath,
+      newSiteProfilePath,
+    },
    render(h) {
      return h(OnDemandScansApp, {
        props: {
@@ -27,8 +35,6 @@ export default () => {
          emptyStateSvgPath,
          projectPath,
          defaultBranch,
-          profilesLibraryPath,
-          newSiteProfilePath,
        },
      });
    },

--- a/ee/app/controllers/projects/on_demand_scans_controller.rb
+++ b/ee/app/controllers/projects/on_demand_scans_controller.rb
@@ -4,6 +4,7 @@ module Projects
  class OnDemandScansController < Projects::ApplicationController
    before_action do
      authorize_read_on_demand_scans!
+      push_frontend_feature_flag(:security_on_demand_scans_scanner_profiles)
    end

    def index

--- a/ee/app/helpers/projects/on_demand_scans_helper.rb
+++ b/ee/app/helpers/projects/on_demand_scans_helper.rb
@@ -7,7 +7,9 @@ module Projects::OnDemandScansHelper
      'empty-state-svg-path' => image_path('illustrations/empty-state/ondemand-scan-empty.svg'),
      'default-branch' => project.default_branch,
      'project-path' => project.path_with_namespace,
-      'profiles-library-path' => project_profiles_path(project),
+      'scanner-profiles-library-path' => project_profiles_path(project, anchor: 'scanner-profiles'),
+      'site-profiles-library-path' => project_profiles_path(project, anchor: 'site-profiles'),
+      'new-scanner-profile-path' => new_project_dast_scanner_profile_path(project),
      'new-site-profile-path' => new_project_dast_site_profile_path(project)
    }
  end

--- a/ee/spec/frontend/on_demand_scans/components/on_demand_scans_app_spec.js
+++ b/ee/spec/frontend/on_demand_scans/components/on_demand_scans_app_spec.js
@@ -9,7 +9,6 @@ const helpPagePath = `${TEST_HOST}/application_security/dast/index#on-demand-sca
 const projectPath = 'group/project';
 const defaultBranch = 'master';
 const emptyStateSvgPath = `${TEST_HOST}/assets/illustrations/alert-management-empty-state.svg`;
-const profilesLibraryPath = `${TEST_HOST}/${projectPath}/-/on_demand_scans/profiles`;
 const newSiteProfilePath = `${TEST_HOST}/${projectPath}/-/on_demand_scans/profiles`;

 describe('OnDemandScansApp', () => {
@@ -39,7 +38,6 @@ describe('OnDemandScansApp', () => {
            projectPath,
            defaultBranch,
            emptyStateSvgPath,
-            profilesLibraryPath,
            newSiteProfilePath,
          },
        },
@@ -85,8 +83,6 @@ describe('OnDemandScansApp', () => {
        helpPagePath,
        projectPath,
        defaultBranch,
-        profilesLibraryPath,
-        newSiteProfilePath,
      });
    });


--- a/ee/spec/frontend/on_demand_scans/components/on_demand_scans_form_spec.js
+++ b/ee/spec/frontend/on_demand_scans/components/on_demand_scans_form_spec.js
--- a/ee/spec/helpers/projects/on_demand_scans_helper_spec.rb
+++ b/ee/spec/helpers/projects/on_demand_scans_helper_spec.rb
@@ -12,7 +12,9 @@ RSpec.describe Projects::OnDemandScansHelper do
        'empty-state-svg-path' => match_asset_path('/assets/illustrations/empty-state/ondemand-scan-empty.svg'),
        'default-branch' => project.default_branch,
        'project-path' => project.path_with_namespace,
-        'profiles-library-path' => project_profiles_path(project),
+        'scanner-profiles-library-path' => project_profiles_path(project, anchor: 'scanner-profiles'),
+        'site-profiles-library-path' => project_profiles_path(project, anchor: 'site-profiles'),
+        'new-scanner-profile-path' => new_project_dast_scanner_profile_path(project),
        'new-site-profile-path' => new_project_dast_site_profile_path(project)
      )
    end

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -7846,6 +7846,9 @@ msgstr ""
 msgid "DastProfiles|No profiles created yet"
 msgstr ""

+msgid "DastProfiles|Passive"
+msgstr ""
+
 msgid "DastProfiles|Please enter a valid URL format, ex: http://www.example.com/home"
 msgstr ""

@@ -7861,6 +7864,9 @@ msgstr ""
 msgid "DastProfiles|Save profile"
 msgstr ""

+msgid "DastProfiles|Scan mode"
+msgstr ""
+
 msgid "DastProfiles|Scanner Profile"
 msgstr ""

@@ -17245,12 +17251,18 @@ msgstr ""
 msgid "OnDemandScans|Attached branch is where the scan job runs."
 msgstr ""

+msgid "OnDemandScans|Could not fetch scanner profiles. Please refresh the page, or try again later."
+msgstr ""
+
 msgid "OnDemandScans|Could not fetch site profiles. Please refresh the page, or try again later."
 msgstr ""

 msgid "OnDemandScans|Could not run the scan. Please try again."
 msgstr ""

+msgid "OnDemandScans|Create a new scanner profile"
+msgstr ""
+
 msgid "OnDemandScans|Create a new site profile"
 msgstr ""

@@ -17263,6 +17275,9 @@ msgstr ""
 msgid "OnDemandScans|New on-demand DAST scan"
 msgstr ""

+msgid "OnDemandScans|No profile yet. In order to create a new scan, you need to have at least one completed scanner profile."
+msgstr ""
+
 msgid "OnDemandScans|No profile yet. In order to create a new scan, you need to have at least one completed site profile."
 msgstr ""

@@ -17296,6 +17311,9 @@ msgstr ""
 msgid "OnDemandScans|Site profiles"
 msgstr ""

+msgid "OnDemandScans|Use existing scanner profile"
+msgstr ""
+
 msgid "OnDemandScans|Use existing site profile"
 msgstr ""