Remove improved_container_scan_matching feature flag

config/feature_flags/development/improved_container_scan_matching.yml

----
-name: improved_container_scan_matching
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/73486
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/344534
-milestone: '14.6'
-type: development
-group: group::container security
-default_enabled: true

ee/lib/gitlab/ci/parsers/security/container_scanning.rb

@@ -13,22 +13,15 @@ module Gitlab
               operating_system: location_data['operating_system'],
               package_name: location_data.dig('dependency', 'package', 'name'),
               package_version: location_data.dig('dependency', 'version'),
-              default_branch_image: default_branch_image(location_data),
-              improved_container_scan_matching_enabled: improved_container_scan_matching_enabled?
+              default_branch_image: default_branch_image(location_data)
             )
           end
 
           def default_branch_image(location_data)
-            return unless improved_container_scan_matching_enabled?
-
             return if @report.pipeline.default_branch?
 
             location_data['default_branch_image']
           end
-
-          def improved_container_scan_matching_enabled?
-            Feature.enabled?(:improved_container_scan_matching, @report.pipeline.project, default_enabled: :yaml)
-          end
         end
       end
     end

ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb

@@ -17,38 +17,26 @@ module Gitlab
               operating_system:,
               package_name: nil,
               package_version: nil,
-              default_branch_image: nil,
-              improved_container_scan_matching_enabled: false
+              default_branch_image: nil
             )
               @image = image
               @operating_system = operating_system
               @package_name = package_name
               @package_version = package_version
               @default_branch_image = default_branch_image
-              @improved_container_scan_matching_enabled = improved_container_scan_matching_enabled
             end
 
             def fingerprint_data
               "#{docker_image_name_without_tag}:#{package_name}"
             end
 
-            def improved_container_scan_matching_enabled?
-              @improved_container_scan_matching_enabled
-            end
-
             private
 
             def docker_image_name_without_tag
-              if improved_container_scan_matching_enabled?
               image_name = default_branch_image.presence || image
               base_name, _, version = image_name.rpartition(':')
 
               return image_name if version_semver_like?(version)
-              else
-                base_name, version = image.split(':')
-
-                return image if version_semver_like?(version)
-              end
 
               base_name
             end

ee/spec/lib/gitlab/ci/parsers/security/container_scanning_spec.rb

@@ -42,32 +42,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::ContainerScanning do
   end
 
   describe '#parse!' do
-    context 'when improved_container_scan_matching is disabled' do
     before do
-        stub_feature_flags(improved_container_scan_matching: false)
-        artifact.each_blob { |blob| described_class.parse!(blob, report) }
-      end
-
-      it_behaves_like 'report'
-
-      context 'when not on default branch' do
-        let(:current_branch) { 'not-default' }
-
-        it 'does not include default_branch_image' do
-          location = report.findings.first.location
-
-          expect(location).to be_a(::Gitlab::Ci::Reports::Security::Locations::ContainerScanning)
-          expect(location).to have_attributes(
-            default_branch_image: nil,
-            improved_container_scan_matching_enabled?: false
-          )
-        end
-      end
-    end
-
-    context 'when improved_container_scan_matching is enabled' do
-      before do
-        stub_feature_flags(improved_container_scan_matching: true)
       artifact.each_blob { |blob| described_class.parse!(blob, report) }
     end
 
@@ -81,8 +56,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::ContainerScanning do
 
         expect(location).to be_a(::Gitlab::Ci::Reports::Security::Locations::ContainerScanning)
         expect(location).to have_attributes(
-            default_branch_image: nil,
-            improved_container_scan_matching_enabled?: true
+          default_branch_image: nil
         )
       end
     end
@@ -95,11 +69,9 @@ RSpec.describe Gitlab::Ci::Parsers::Security::ContainerScanning do
 
         expect(location).to be_a(::Gitlab::Ci::Reports::Security::Locations::ContainerScanning)
         expect(location).to have_attributes(
-            default_branch_image: default_branch_image,
-            improved_container_scan_matching_enabled?: true
+          default_branch_image: default_branch_image
         )
       end
     end
   end
-  end
 end

ee/spec/lib/gitlab/ci/reports/security/locations/container_scanning_spec.rb

@@ -23,7 +23,6 @@ RSpec.describe Gitlab::Ci::Reports::Security::Locations::ContainerScanning do
   describe 'fingerprint' do
     sha1_of = -> (input) { Digest::SHA1.hexdigest(input) }
 
-    context 'with feature enabled' do
     where(:image, :default_branch_image, :expected_fingerprint_input) do
       [
         ['alpine:3.7.3', nil, 'alpine:3.7.3:glibc'],
@@ -70,49 +69,6 @@ RSpec.describe Gitlab::Ci::Reports::Security::Locations::ContainerScanning do
           default_branch_image: default_branch_image,
           operating_system: 'debian:9',
           package_name: 'glibc',
-            package_version: '1.2.3',
-            improved_container_scan_matching_enabled: true
-          }
-        end
-
-        specify { expect(subject.fingerprint).to eq(sha1_of.call(expected_fingerprint_input)) }
-      end
-    end
-
-    context 'with feature disabled' do
-      let(:params) do
-        {
-          image: 'registry.gitlab.com/group/project/feature:ec301f43f14a2b477806875e49cfc4d3fa0d22c3',
-          default_branch_image: 'registry.gitlab.com/group/project/master:ec301f43f14a2b477806875e49cfc4d3fa0d22c3',
-          operating_system: 'debian:9',
-          package_name: 'glibc',
-          package_version: '1.2.3'
-        }
-      end
-
-      it 'ignores default_branch_image' do
-        expect(subject.fingerprint).to eq(sha1_of.call('registry.gitlab.com/group/project/feature:glibc'))
-      end
-
-      where(:image, :expected_fingerprint_input) do
-        [
-          ['alpine:3.7.3', 'alpine:3.7.3:glibc'],
-          ['alpine:3.7', 'alpine:3.7:glibc'],
-          ['alpine:8101518288111119448185914762536722131810', 'alpine:glibc'],
-          ['alpine:1.0.0-beta', 'alpine:1.0.0-beta:glibc'],
-          [
-            'registry.gitlab.com/group/project/tmp:af864bd61230d3d694eb01d6205b268b4ad63ac0',
-            'registry.gitlab.com/group/project/tmp:glibc'
-          ]
-        ]
-      end
-
-      with_them do
-        let(:params) do
-          {
-            image: image,
-            operating_system: 'debian:9',
-            package_name: 'glibc',
           package_version: '1.2.3'
         }
       end
@@ -120,5 +76,4 @@ RSpec.describe Gitlab::Ci::Reports::Security::Locations::ContainerScanning do
       specify { expect(subject.fingerprint).to eq(sha1_of.call(expected_fingerprint_input)) }
     end
   end
-  end
 end