From bacf57bb120b3b65e7efbe2f678763e4b0ae0d34 Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Fri, 31 Mar 2023 18:13:54 +0200 Subject: [PATCH 01/11] Add admin setting to sync license db Add ability to control which package types should be imported from the external database Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/398192 Changelog: added --- .../admin/application_settings_controller.rb | 4 +++ app/models/concerns/enums/package_metadata.rb | 4 +++ .../layouts/nav/sidebar/_admin.html.haml | 1 + ...0230403145705_add_purl_sync_to_settings.rb | 7 +++++ db/schema_migrations/20230403145705 | 1 + db/structure.sql | 1 + .../admin/application_settings_controller.rb | 3 +- .../helpers/ee/application_settings_helper.rb | 15 ++++++++++ ee/app/models/ee/application_setting.rb | 4 +++ .../package_metadata/sync_configuration.rb | 9 ++++-- .../services/package_metadata/sync_service.rb | 2 +- .../_license_compliance.html.haml | 14 +++++++++ .../security_and_compliance.html.haml | 14 +++++++++ ..._security_and_compliance_sidebar.html.haml | 5 ++++ ee/config/routes/admin.rb | 2 +- .../sync_configuration_spec.rb | 30 +++++++++++++++++-- .../package_metadata/sync_service_spec.rb | 4 +++ 17 files changed, 113 insertions(+), 7 deletions(-) create mode 100644 db/migrate/20230403145705_add_purl_sync_to_settings.rb create mode 100644 db/schema_migrations/20230403145705 create mode 100644 ee/app/views/admin/application_settings/_license_compliance.html.haml create mode 100644 ee/app/views/admin/application_settings/security_and_compliance.html.haml create mode 100644 ee/app/views/layouts/nav/ee/admin/_security_and_compliance_sidebar.html.haml diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index 0bbfeae6656399..89ca30fdacdc3b 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb 
@@ -234,6 +234,9 @@ def application_setting_params # rubocop:disable Metrics/AbcSize params[:application_setting][:valid_runner_registrars]&.delete("") params[:application_setting][:restricted_visibility_levels]&.delete("") + params[:application_setting][:license_compliance_purl_types]&.delete("") + params[:application_setting][:license_compliance_purl_types]&.map!(&:to_i) + if params[:application_setting].key?(:required_instance_ci_template) if params[:application_setting][:required_instance_ci_template].empty? params[:application_setting][:required_instance_ci_template] = nil @@ -276,6 +279,7 @@ def visible_application_setting_attributes :default_branch_name, disabled_oauth_sign_in_sources: [], import_sources: [], + license_compliance_purl_types: [], restricted_visibility_levels: [], repository_storages_weighted: {}, valid_runner_registrars: [] diff --git a/app/models/concerns/enums/package_metadata.rb b/app/models/concerns/enums/package_metadata.rb index abacee363c9042..a866e2b995a7ce 100644 --- a/app/models/concerns/enums/package_metadata.rb +++ b/app/models/concerns/enums/package_metadata.rb @@ -20,5 +20,9 @@ class PackageMetadata def self.purl_types PURL_TYPES end + + def self.purl_types_numerical + purl_types.invert + end end end diff --git a/app/views/layouts/nav/sidebar/_admin.html.haml b/app/views/layouts/nav/sidebar/_admin.html.haml index 24b301fadce65e..2d61e40362355d 100644 --- a/app/views/layouts/nav/sidebar/_admin.html.haml +++ b/app/views/layouts/nav/sidebar/_admin.html.haml @@ -270,6 +270,7 @@ = link_to ci_cd_admin_application_settings_path, title: _('CI/CD') do %span = _('CI/CD') + = render_if_exists 'layouts/nav/ee/admin/security_and_compliance_sidebar' = nav_link(path: 'application_settings#reporting') do = link_to reporting_admin_application_settings_path, title: _('Reporting') do %span 
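Review bot: In `application_setting_params` (app/controllers/admin/application_settings_controller.rb), `map!(&:to_i)` turns every non-numeric entry into `0`, and nothing in this hunk checks the result against the known purl type ids, so arbitrary integers can end up stored in `license_compliance_purl_types`. Ids with no enum entry later come back as `nil` from `license_compliance_purl_types_names`, and the sync configuration is built from that list. I would drop unknown ids right after the conversion, `params[:application_setting][:license_compliance_purl_types]&.select! { |type| ::Enums::PackageMetadata.purl_types.value?(type) }`, or reject them with a model validation so that any other write path is covered as well. The method body starts and ends outside the hunk.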
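Review bot: `purl_types_numerical` in app/models/concerns/enums/package_metadata.rb has no comment and its name does not say which way the mapping goes. It also builds a new inverted hash on every call. A one-line comment such as `# Inverse of purl_types: stored integer => purl type name` would help, and the inverted hash could live in a frozen constant next to `PURL_TYPES`. The class body starts outside the hunk.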
diff --git a/db/migrate/20230403145705_add_purl_sync_to_settings.rb b/db/migrate/20230403145705_add_purl_sync_to_settings.rb new file mode 100644 index 00000000000000..6f45369b6cff1b --- /dev/null +++ b/db/migrate/20230403145705_add_purl_sync_to_settings.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +class AddPurlSyncToSettings < Gitlab::Database::Migration[2.1] + def change + add_column :application_settings, :license_compliance_purl_types, :integer, array: true, default: [] + end +end diff --git a/db/schema_migrations/20230403145705 b/db/schema_migrations/20230403145705 new file mode 100644 index 00000000000000..80e6357e3e45d2 --- /dev/null +++ b/db/schema_migrations/20230403145705 @@ -0,0 +1 @@ +856d50399914b6df0c07d328723197a57806c0883157cbfe67f0c578708a1bde \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 1fe90c6f031fc1..54f69a082a0bfd 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -11757,6 +11757,7 @@ CREATE TABLE application_settings ( encrypted_openai_api_key bytea, encrypted_openai_api_key_iv bytea, database_max_running_batched_background_migrations integer DEFAULT 2 NOT NULL, + license_compliance_purl_types integer[] DEFAULT '{}'::integer[], CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)), CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)), CONSTRAINT app_settings_dep_proxy_ttl_policies_worker_capacity_positive CHECK ((dependency_proxy_ttl_group_policy_worker_capacity >= 0)), diff --git a/ee/app/controllers/ee/admin/application_settings_controller.rb b/ee/app/controllers/ee/admin/application_settings_controller.rb index db0223ef2b5373..ab42039a176f05 100644 --- a/ee/app/controllers/ee/admin/application_settings_controller.rb +++ b/ee/app/controllers/ee/admin/application_settings_controller.rb 
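Review bot: The new column in db/migrate/20230403145705_add_purl_sync_to_settings.rb is left nullable: `add_column` sets `default: []` but not `null: false`, and the db/structure.sql hunk accordingly shows no `NOT NULL`. The reader added in this patch tolerates `nil` only because it splats the value; any later caller that uses the attribute directly (for example `.include?`) would not. Consider `add_column :application_settings, :license_compliance_purl_types, :integer, array: true, default: [], null: false` and regenerating the structure file.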
@@ -22,6 +22,7 @@ module ApplicationSettingsController feature_category :sm_provisioning, [:seat_link_payload] feature_category :source_code_management, [:templates] feature_category :global_search, [:advanced_search] + feature_category :license_compliance, [:security_and_compliance] urgency :low, [:advanced_search, :seat_link_payload] def elasticsearch_reindexing_task @@ -65,7 +66,7 @@ def scim_token end end - EE_VALID_SETTING_PANELS = %w(advanced_search templates).freeze + EE_VALID_SETTING_PANELS = %w(advanced_search templates security_and_compliance).freeze EE_VALID_SETTING_PANELS.each do |action| define_method(action) { perform_update if submitted? } diff --git a/ee/app/helpers/ee/application_settings_helper.rb b/ee/app/helpers/ee/application_settings_helper.rb index 8f1872713f6d37..eb8e66af557bf0 100644 --- a/ee/app/helpers/ee/application_settings_helper.rb +++ b/ee/app/helpers/ee/application_settings_helper.rb @@ -219,5 +219,20 @@ def git_abuse_rate_limit_data auto_ban_user_on_excessive_projects_download: auto_ban_users } end + + def sync_purl_types_checkboxes(form) + ::Enums::PackageMetadata.purl_types.keys.map do |name| + checked = @application_setting.license_compliance_purl_types_names.include?(name) + numeric = ::Enums::PackageMetadata.purl_types[name] + + form.gitlab_ui_checkbox_component( + :license_compliance_purl_types, + name, + checkbox_options: { checked: checked, multiple: true, autocomplete: 'off' }, + checked_value: numeric, + unchecked_value: nil + ) + end + end end end diff --git a/ee/app/models/ee/application_setting.rb b/ee/app/models/ee/application_setting.rb index d0e42e9f086b7b..a0b8d1d1cf21d8 100644 --- a/ee/app/models/ee/application_setting.rb +++ b/ee/app/models/ee/application_setting.rb 
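Review bot: The `security_and_compliance` action that `EE_VALID_SETTING_PANELS` now generates in ee/app/controllers/ee/admin/application_settings_controller.rb has no license check visible in this hunk, while the sidebar entry for it is hidden behind `License.feature_available?(:license_scanning)`. Hiding the link does not stop a direct GET or PATCH to the route on an instance without the feature. Unless a filter outside the hunk already covers it, I would add `before_action -> { render_404 unless License.feature_available?(:license_scanning) }, only: :security_and_compliance`. The module body starts and ends outside the hunk.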
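Review bot: `sync_purl_types_checkboxes` in ee/app/helpers/ee/application_settings_helper.rb iterates `purl_types.keys` and then looks each value up again, and it calls `license_compliance_purl_types_names` once per purl type, which re-inverts the enum hash each time. Hoisting the list and iterating pairs reads more directly: `enabled = @application_setting.license_compliance_purl_types_names` followed by `::Enums::PackageMetadata.purl_types.map do |name, numeric|`. A short comment stating that the helper returns one checkbox per known purl type, with the stored integer as the checked value, would also help, since the method depends on the `@application_setting` instance variable rather than an argument.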
@@ -505,6 +505,10 @@ def git_rate_limit_users_alertlist self[:git_rate_limit_users_alertlist].presence || ::User.admins.active.pluck_primary_key end + def license_compliance_purl_types_names + ::Enums::PackageMetadata.purl_types_numerical.values_at(*license_compliance_purl_types) + end + def unique_project_download_limit_enabled? return true if max_number_of_repository_downloads.nonzero? && max_number_of_repository_downloads_within_time_period.nonzero? diff --git a/ee/app/models/package_metadata/sync_configuration.rb b/ee/app/models/package_metadata/sync_configuration.rb index 2f7f905571bdfa..e44b11d725f186 100644 --- a/ee/app/models/package_metadata/sync_configuration.rb +++ b/ee/app/models/package_metadata/sync_configuration.rb @@ -21,9 +21,10 @@ class SyncConfiguration }.with_indifferent_access.freeze - def self.all + def self.purl_types storage_type = get_storage_type - ::Enums::PackageMetadata.purl_types.map do |purl_type, _| + + permitted_purl_types.map do |purl_type, _| new(storage_type, BUCKET_NAME, VERSION_FORMAT, purl_type) end end @@ -40,6 +41,10 @@ def self.registry_id(purl_type) PURL_TYPE_TO_REGISTRY_ID[purl_type].freeze end + def self.permitted_purl_types + ::Gitlab::CurrentSettings.current_application_settings.license_compliance_purl_types_names + end + attr_accessor :storage_type, :base_uri, :version_format, :purl_type def initialize(storage_type, base_uri, version_format, purl_type) diff --git a/ee/app/services/package_metadata/sync_service.rb b/ee/app/services/package_metadata/sync_service.rb index e9501c35b16612..8f014772ecf195 100644 --- a/ee/app/services/package_metadata/sync_service.rb +++ b/ee/app/services/package_metadata/sync_service.rb 
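Review bot: `license_compliance_purl_types_names` in ee/app/models/ee/application_setting.rb returns `nil` for every stored integer that has no entry in `purl_types_numerical`, because `Hash#values_at` fills missing keys with `nil`. That happens for any invalid stored id and also for a valid one whose enum entry is removed later, and the `nil` then reaches `SyncConfiguration.new` as the purl type. Making the reader defensive is a one-word change: `::Enums::PackageMetadata.purl_types_numerical.values_at(*license_compliance_purl_types).compact`.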
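Review bot: In `SyncConfiguration.purl_types` (ee/app/models/package_metadata/sync_configuration.rb) the block still takes `|purl_type, _|`, a leftover from iterating the enum hash. `permitted_purl_types` returns a flat array of names, so the second parameter is never filled and the line should read `permitted_purl_types.map do |purl_type|`. Both new class methods would benefit from a one-line comment saying that the list comes from the instance-wide application setting and is empty until an administrator enables at least one type.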
@@ -7,7 +7,7 @@ class SyncService THROTTLE_RATE = 0.75.seconds def self.execute(signal) - SyncConfiguration.all.each do |config| + SyncConfiguration.purl_types.each do |config| if signal.stop? break Gitlab::AppJsonLogger.debug(class: name, message: "Stop signal received before starting #{config.purl_type} sync") diff --git a/ee/app/views/admin/application_settings/_license_compliance.html.haml b/ee/app/views/admin/application_settings/_license_compliance.html.haml new file mode 100644 index 00000000000000..d4e8e115694f2d --- /dev/null +++ b/ee/app/views/admin/application_settings/_license_compliance.html.haml @@ -0,0 +1,14 @@ += gitlab_ui_form_for @application_setting, url: general_admin_application_settings_path(anchor: 'js-license-compliance-settings'), html: { class: 'fieldset-form', id: 'license-compliance-settings' } do |f| + = form_errors(@application_setting) + + %fieldset + .form-group + = f.label :license_compliance_purl_types, s_('AdminSettings|Package data to sync'), class: 'label-bold gl-mb-0' + %span.form-text.gl-mt-0.gl-mb-3#license_compliance_purl_types-help + = _('Types of packages to sync with external source, required for License Compliance for CycloneDX files') + = link_to sprite_icon('question-o'), help_page_path("user/compliance/license_scanning_of_cyclonedx_files/index") + = hidden_field_tag 'application_setting[license_compliance_purl_types][]' + - sync_purl_types_checkboxes(f).each do |checkbox| + = checkbox + = f.submit _('Save changes'), pajamas_button: true + diff --git a/ee/app/views/admin/application_settings/security_and_compliance.html.haml b/ee/app/views/admin/application_settings/security_and_compliance.html.haml new file mode 100644 index 00000000000000..b78ce20b715e4f --- /dev/null +++ b/ee/app/views/admin/application_settings/security_and_compliance.html.haml 
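Review bot: The form in ee/app/views/admin/application_settings/_license_compliance.html.haml submits to `general_admin_application_settings_path(anchor: 'js-license-compliance-settings')`, but the panel is rendered on the new Security and Compliance page and this patch adds a PATCH route plus a `security_and_compliance` action for it. As written, saving appears to go through the `general` action, so the new PATCH handler is unused and the anchor points at a section that does not exist on the general page. I would use `url: security_and_compliance_admin_application_settings_path(anchor: 'js-license-compliance-settings')`.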
@@ -0,0 +1,14 @@ +- breadcrumb_title _("Security and Compliance") +- page_title _("Security and Compliance") +- add_page_specific_style 'page_bundles/settings' + +%section.settings.as-license-compliance.no-animate#js-license-compliance-settings{ class: ('expanded' if expanded_by_default?), data: { testid: 'admin-license-compliance-settings' } } + .settings-header + %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only + = _('License Compliance') + = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do + = expanded_by_default? ? _('Collapse') : _('Expand') + %p + = _('Settings for License Compliance feature') + .settings-content + = render 'license_compliance' diff --git a/ee/app/views/layouts/nav/ee/admin/_security_and_compliance_sidebar.html.haml b/ee/app/views/layouts/nav/ee/admin/_security_and_compliance_sidebar.html.haml new file mode 100644 index 00000000000000..093316e40f4076 --- /dev/null +++ b/ee/app/views/layouts/nav/ee/admin/_security_and_compliance_sidebar.html.haml @@ -0,0 +1,5 @@ +- if License.feature_available?(:license_scanning) + = nav_link do + = link_to security_and_compliance_admin_application_settings_path, title: _('Security and Compliance'), data: { qa_selector: 'admin_security_and_compliance_link' } do + %span + Security and Compliance diff --git a/ee/config/routes/admin.rb b/ee/config/routes/admin.rb index d367b89dd64e82..6c5bb93c1d8945 100644 --- a/ee/config/routes/admin.rb +++ b/ee/config/routes/admin.rb @@ -44,7 +44,7 @@ # using `only: []` to keep duplicate routes from being created resource :application_settings, only: [] do get :seat_link_payload - match :templates, :advanced_search, via: [:get, :patch] + match :templates, :advanced_search, :security_and_compliance, via: [:get, :patch] get :geo, to: "geo/settings#show" resource :scim_oauth, only: [:create], controller: :scim_oauth, module: 'application_settings' 
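Review bot: In ee/app/views/layouts/nav/ee/admin/_security_and_compliance_sidebar.html.haml the visible link text is a bare `Security and Compliance`, although the `title:` on the same link is wrapped in `_()`, so the sidebar label will not be translated. It should be `= _('Security and Compliance')` inside the `%span`. The entry also uses `= nav_link do` without a path, unlike the neighbouring `nav_link(path: 'application_settings#reporting')`, so it probably never gets the active state; `= nav_link(path: 'application_settings#security_and_compliance') do` would match the other items.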
diff --git a/ee/spec/models/package_metadata/sync_configuration_spec.rb b/ee/spec/models/package_metadata/sync_configuration_spec.rb index 9839fb3997c577..63e79b43cecdb8 100644 --- a/ee/spec/models/package_metadata/sync_configuration_spec.rb +++ b/ee/spec/models/package_metadata/sync_configuration_spec.rb @@ -3,8 +3,13 @@ require 'spec_helper' RSpec.describe PackageMetadata::SyncConfiguration, feature_category: :license_compliance do - describe '.all' do - subject(:registries) { described_class.all } + describe '.purl_types' do + subject(:registries) { described_class.purl_types } + + context 'with all purl types allowed to sync' do + before do + stub_application_setting(license_compliance_purl_types: Enums::PackageMetadata.purl_types.values) + end it 'returns a configuration instance for each known purl type' do expect(registries).to match_array([ @@ -34,6 +39,27 @@ version_format: described_class::VERSION_FORMAT, purl_type: 'cbl_mariner') ]) end + + context 'with some purl types allowed to sync' do + before do + stub_application_setting(license_compliance_purl_types: [1, 5]) + end + + it 'returns a configuration instance only for selected types' do + expect(registries).to match_array([ + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'composer'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'maven') + ]) + end + end + + context 'with none purl types allowed to sync' do + it 'returns an empty array' do + expect(registries).to be_empty + end + end end describe '.get_storage_type' do diff --git a/ee/spec/services/package_metadata/sync_service_spec.rb b/ee/spec/services/package_metadata/sync_service_spec.rb index acbfd430d09194..de8e4fae573bc1 100644 --- a/ee/spec/services/package_metadata/sync_service_spec.rb +++ b/ee/spec/services/package_metadata/sync_service_spec.rb 
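Review bot: The 'with some purl types allowed to sync' context in ee/spec/models/package_metadata/sync_configuration_spec.rb stubs the setting with the literals `[1, 5]`, which ties the example to the current integer values of the enum and hides which types are meant. Deriving them from the enum keeps the intent readable, for example `Enums::PackageMetadata.purl_types.values_at('composer', 'maven')` (or the symbol keys, depending on how `PURL_TYPES` is keyed). There is also no example for a stored id that is not in the enum, which is the case where the names reader yields `nil`; a context covering that would pin the expected behaviour.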
@@ -114,6 +114,10 @@ subject(:execute) { described_class.execute(stop_signal) } + before do + stub_application_setting(license_compliance_purl_types: Enums::PackageMetadata.purl_types.values) + end + context 'when stop_signal.stop? is false' do let(:should_stop) { false } -- GitLab From 3817c276b715a2971aa2c64ad075a4e408fe871e Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Wed, 5 Apr 2023 15:58:35 +0200 Subject: [PATCH 02/11] Add strings to translation --- locale/gitlab.pot | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/locale/gitlab.pot b/locale/gitlab.pot index ad22dbe5268c27..bbfce5eb7ee2e6 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -3102,6 +3102,9 @@ msgstr "" msgid "AdminSettings|Only enable search after installing the plugin, enabling indexing, and recreating the index." msgstr "" +msgid "AdminSettings|Package data to sync" +msgstr "" + msgid "AdminSettings|Pause Elasticsearch indexing" msgstr "" @@ -40864,6 +40867,9 @@ msgstr[1] "" msgid "Settings" msgstr "" +msgid "Settings for License Compliance feature" +msgstr "" + msgid "Settings|Unable to load the merge request options settings. Try reloading the page." msgstr "" @@ -46622,6 +46628,9 @@ msgstr "" msgid "Type to search" msgstr "" +msgid "Types of packages to sync with external source, required for License Compliance for CycloneDX files" +msgstr "" + msgid "URL" msgstr "" -- GitLab From 79efd6610cb68e7164d8ef4293af7b57e8fddb81 Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Wed, 5 Apr 2023 15:56:43 +0000 Subject: [PATCH 03/11] Apply review suggestions --- .../admin/application_settings/_license_compliance.html.haml | 2 +- .../application_settings/security_and_compliance.html.haml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ee/app/views/admin/application_settings/_license_compliance.html.haml b/ee/app/views/admin/application_settings/_license_compliance.html.haml index d4e8e115694f2d..51950c88f31f52 100644 
--- a/ee/app/views/admin/application_settings/_license_compliance.html.haml +++ b/ee/app/views/admin/application_settings/_license_compliance.html.haml @@ -5,7 +5,7 @@ .form-group = f.label :license_compliance_purl_types, s_('AdminSettings|Package data to sync'), class: 'label-bold gl-mb-0' %span.form-text.gl-mt-0.gl-mb-3#license_compliance_purl_types-help - = _('Types of packages to sync with external source, required for License Compliance for CycloneDX files') + = _('Package registry types for which metadata is stored, required for License Compliance for CycloneDX files') = link_to sprite_icon('question-o'), help_page_path("user/compliance/license_scanning_of_cyclonedx_files/index") = hidden_field_tag 'application_setting[license_compliance_purl_types][]' - sync_purl_types_checkboxes(f).each do |checkbox| diff --git a/ee/app/views/admin/application_settings/security_and_compliance.html.haml b/ee/app/views/admin/application_settings/security_and_compliance.html.haml index b78ce20b715e4f..00742ba5719a95 100644 --- a/ee/app/views/admin/application_settings/security_and_compliance.html.haml +++ b/ee/app/views/admin/application_settings/security_and_compliance.html.haml @@ -9,6 +9,6 @@ = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do = expanded_by_default? ? _('Collapse') : _('Expand') %p - = _('Settings for License Compliance feature') + = _('Settings for the License Compliance feature') .settings-content = render 'license_compliance' -- GitLab From b5d5ae724d94d1e02e5f690075dcc9ea156af7bf Mon Sep 17 00:00:00 2001 
From: Tetiana Chupryna Date: Wed, 5 Apr 2023 19:05:55 +0200 Subject: [PATCH 04/11] Change name of the setting Make the name more abstract as we would use it in the future for CVS --- .../admin/application_settings_controller.rb | 6 +++--- .../20230403145705_add_purl_sync_to_settings.rb | 2 +- db/structure.sql | 2 +- ee/app/helpers/ee/application_settings_helper.rb | 4 ++-- ee/app/models/ee/application_setting.rb | 4 ++-- .../models/package_metadata/sync_configuration.rb | 4 ++-- ee/app/services/package_metadata/sync_service.rb | 2 +- .../_license_compliance.html.haml | 6 +++--- .../package_metadata/sync_configuration_spec.rb | 13 +++++++------ .../services/package_metadata/sync_service_spec.rb | 2 +- locale/gitlab.pot | 10 +++++----- 11 files changed, 28 insertions(+), 27 deletions(-) diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index 89ca30fdacdc3b..96d78034ad66fb 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb @@ -234,8 +234,8 @@ def application_setting_params # rubocop:disable Metrics/AbcSize params[:application_setting][:valid_runner_registrars]&.delete("") params[:application_setting][:restricted_visibility_levels]&.delete("") - params[:application_setting][:license_compliance_purl_types]&.delete("") - params[:application_setting][:license_compliance_purl_types]&.map!(&:to_i) + params[:application_setting][:package_metadata_purl_types]&.delete("") + params[:application_setting][:package_metadata_purl_types]&.map!(&:to_i) if params[:application_setting].key?(:required_instance_ci_template) if params[:application_setting][:required_instance_ci_template].empty? 
@@ -279,7 +279,7 @@ def visible_application_setting_attributes :default_branch_name, disabled_oauth_sign_in_sources: [], import_sources: [], - license_compliance_purl_types: [], + package_metadata_purl_types: [], restricted_visibility_levels: [], repository_storages_weighted: {}, valid_runner_registrars: [] diff --git a/db/migrate/20230403145705_add_purl_sync_to_settings.rb b/db/migrate/20230403145705_add_purl_sync_to_settings.rb index 6f45369b6cff1b..7cdeef72df76fe 100644 --- a/db/migrate/20230403145705_add_purl_sync_to_settings.rb +++ b/db/migrate/20230403145705_add_purl_sync_to_settings.rb @@ -2,6 +2,6 @@ class AddPurlSyncToSettings < Gitlab::Database::Migration[2.1] def change - add_column :application_settings, :license_compliance_purl_types, :integer, array: true, default: [] + add_column :application_settings, :package_metadata_purl_types, :integer, array: true, default: [] end end diff --git a/db/structure.sql b/db/structure.sql index 54f69a082a0bfd..e5b88e80b48ef0 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -11757,7 +11757,7 @@ CREATE TABLE application_settings ( encrypted_openai_api_key bytea, encrypted_openai_api_key_iv bytea, database_max_running_batched_background_migrations integer DEFAULT 2 NOT NULL, - license_compliance_purl_types integer[] DEFAULT '{}'::integer[], + package_metadata_purl_types integer[] DEFAULT '{}'::integer[], CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)), CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)), CONSTRAINT app_settings_dep_proxy_ttl_policies_worker_capacity_positive CHECK ((dependency_proxy_ttl_group_policy_worker_capacity >= 0)), diff --git a/ee/app/helpers/ee/application_settings_helper.rb b/ee/app/helpers/ee/application_settings_helper.rb index eb8e66af557bf0..6c7aaf6bdef1c4 100644 
--- a/ee/app/helpers/ee/application_settings_helper.rb +++ b/ee/app/helpers/ee/application_settings_helper.rb @@ -222,11 +222,11 @@ def git_abuse_rate_limit_data def sync_purl_types_checkboxes(form) ::Enums::PackageMetadata.purl_types.keys.map do |name| - checked = @application_setting.license_compliance_purl_types_names.include?(name) + checked = @application_setting.package_metadata_purl_types_names.include?(name) numeric = ::Enums::PackageMetadata.purl_types[name] form.gitlab_ui_checkbox_component( - :license_compliance_purl_types, + :package_metadata_purl_types, name, checkbox_options: { checked: checked, multiple: true, autocomplete: 'off' }, checked_value: numeric, diff --git a/ee/app/models/ee/application_setting.rb b/ee/app/models/ee/application_setting.rb index a0b8d1d1cf21d8..281166b37d26a7 100644 --- a/ee/app/models/ee/application_setting.rb +++ b/ee/app/models/ee/application_setting.rb @@ -505,8 +505,8 @@ def git_rate_limit_users_alertlist self[:git_rate_limit_users_alertlist].presence || ::User.admins.active.pluck_primary_key end - def license_compliance_purl_types_names - ::Enums::PackageMetadata.purl_types_numerical.values_at(*license_compliance_purl_types) + def package_metadata_purl_types_names + ::Enums::PackageMetadata.purl_types_numerical.values_at(*package_metadata_purl_types) end def unique_project_download_limit_enabled? diff --git a/ee/app/models/package_metadata/sync_configuration.rb b/ee/app/models/package_metadata/sync_configuration.rb index e44b11d725f186..37ddd4ffb82363 100644 --- a/ee/app/models/package_metadata/sync_configuration.rb +++ b/ee/app/models/package_metadata/sync_configuration.rb @@ -21,7 +21,7 @@ class SyncConfiguration }.with_indifferent_access.freeze - def self.purl_types + def self.all_by_enabled_purl_type storage_type = get_storage_type permitted_purl_types.map do |purl_type, _| 
@@ -42,7 +42,7 @@ def self.registry_id(purl_type) end def self.permitted_purl_types - ::Gitlab::CurrentSettings.current_application_settings.license_compliance_purl_types_names + ::Gitlab::CurrentSettings.current_application_settings.package_metadata_purl_types_names end attr_accessor :storage_type, :base_uri, :version_format, :purl_type diff --git a/ee/app/services/package_metadata/sync_service.rb b/ee/app/services/package_metadata/sync_service.rb index 8f014772ecf195..ecf7e309908f80 100644 --- a/ee/app/services/package_metadata/sync_service.rb +++ b/ee/app/services/package_metadata/sync_service.rb @@ -7,7 +7,7 @@ class SyncService THROTTLE_RATE = 0.75.seconds def self.execute(signal) - SyncConfiguration.purl_types.each do |config| + SyncConfiguration.all_by_enabled_purl_type.each do |config| if signal.stop? break Gitlab::AppJsonLogger.debug(class: name, message: "Stop signal received before starting #{config.purl_type} sync") diff --git a/ee/app/views/admin/application_settings/_license_compliance.html.haml b/ee/app/views/admin/application_settings/_license_compliance.html.haml index 51950c88f31f52..43b4c1a13d7884 100644 --- a/ee/app/views/admin/application_settings/_license_compliance.html.haml +++ b/ee/app/views/admin/application_settings/_license_compliance.html.haml 
@@ -3,11 +3,11 @@ %fieldset .form-group - = f.label :license_compliance_purl_types, s_('AdminSettings|Package data to sync'), class: 'label-bold gl-mb-0' - %span.form-text.gl-mt-0.gl-mb-3#license_compliance_purl_types-help + = f.label :package_metadata_purl_types, s_('AdminSettings|Package registry metadata to sync'), class: 'label-bold gl-mb-0' + %span.form-text.gl-mt-0.gl-mb-3#package_metadata_purl_types-help = _('Package registry types for which metadata is stored, required for License Compliance for CycloneDX files') = link_to sprite_icon('question-o'), help_page_path("user/compliance/license_scanning_of_cyclonedx_files/index") - = hidden_field_tag 'application_setting[license_compliance_purl_types][]' + = hidden_field_tag 'application_setting[package_metadata_purl_types][]' - sync_purl_types_checkboxes(f).each do |checkbox| = checkbox = f.submit _('Save changes'), pajamas_button: true diff --git a/ee/spec/models/package_metadata/sync_configuration_spec.rb b/ee/spec/models/package_metadata/sync_configuration_spec.rb index 63e79b43cecdb8..d0ce8636b04440 100644 --- a/ee/spec/models/package_metadata/sync_configuration_spec.rb +++ b/ee/spec/models/package_metadata/sync_configuration_spec.rb @@ -3,12 +3,13 @@ require 'spec_helper' RSpec.describe PackageMetadata::SyncConfiguration, feature_category: :license_compliance do - describe '.purl_types' do - subject(:registries) { described_class.purl_types } + describe '.all_by_enabled_purl_type' do + subject(:configurations) { described_class.all_by_enabled_purl_type } context 'with all purl types allowed to sync' do before do - stub_application_setting(license_compliance_purl_types: Enums::PackageMetadata.purl_types.values) + # stub application setting with all available at the moment package metadata types + stub_application_setting(package_metadata_purl_types: [1, 2, 3, 4, 5, 6, 7, 8]) end it 'returns a configuration instance for each known purl type' do 
@@ -42,11 +43,11 @@ context 'with some purl types allowed to sync' do before do - stub_application_setting(license_compliance_purl_types: [1, 5]) + stub_application_setting(package_metadata_purl_types: [1, 5]) end it 'returns a configuration instance only for selected types' do - expect(registries).to match_array([ + expect(configurations).to match_array([ have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, version_format: described_class::VERSION_FORMAT, purl_type: 'composer'), have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, @@ -57,7 +58,7 @@ context 'with none purl types allowed to sync' do it 'returns an empty array' do - expect(registries).to be_empty + expect(configurations).to be_empty end end end diff --git a/ee/spec/services/package_metadata/sync_service_spec.rb b/ee/spec/services/package_metadata/sync_service_spec.rb index de8e4fae573bc1..b3df02b58b2502 100644 --- a/ee/spec/services/package_metadata/sync_service_spec.rb +++ b/ee/spec/services/package_metadata/sync_service_spec.rb @@ -115,7 +115,7 @@ subject(:execute) { described_class.execute(stop_signal) } before do - stub_application_setting(license_compliance_purl_types: Enums::PackageMetadata.purl_types.values) + stub_application_setting(package_metadata_purl_types: Enums::PackageMetadata.purl_types.values) end context 'when stop_signal.stop? is false' do diff --git a/locale/gitlab.pot b/locale/gitlab.pot index bbfce5eb7ee2e6..d49bbae936bb0a 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -3102,7 +3102,7 @@ msgstr "" msgid "AdminSettings|Only enable search after installing the plugin, enabling indexing, and recreating the index." msgstr "" -msgid "AdminSettings|Package data to sync" +msgid "AdminSettings|Package registry metadata to sync" msgstr "" msgid "AdminSettings|Pause Elasticsearch indexing" 
@@ -30851,6 +30851,9 @@ msgstr "" msgid "Package registry rate limits" msgstr "" +msgid "Package registry types for which metadata is stored, required for License Compliance for CycloneDX files" +msgstr "" + msgid "Package type" msgstr "" @@ -40867,7 +40870,7 @@ msgstr[1] "" msgid "Settings" msgstr "" -msgid "Settings for License Compliance feature" +msgid "Settings for the License Compliance feature" msgstr "" msgid "Settings|Unable to load the merge request options settings. Try reloading the page." @@ -46628,9 +46631,6 @@ msgstr "" msgid "Type to search" msgstr "" -msgid "Types of packages to sync with external source, required for License Compliance for CycloneDX files" -msgstr "" - msgid "URL" msgstr "" -- GitLab From 58d13c67c2bb1351d73bb4e1134704f4bfe8204b Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Thu, 6 Apr 2023 16:49:54 +0200 Subject: [PATCH 05/11] Add documentation for the admin feature --- doc/user/admin_area/settings/index.md | 4 ++++ .../settings/security_and_compliance.md | 19 +++++++++++++++++++ .../index.md | 1 + 3 files changed, 24 insertions(+) create mode 100644 doc/user/admin_area/settings/security_and_compliance.md diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 152c35dd50475e..11c14102efbe71 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -66,6 +66,10 @@ The **CI/CD** settings contain: [risks are involved](../../packages/container_registry/reduce_container_registry_storage.md#use-with-external-container-registries) in enabling some of these settings. +## Security and Compliance settings + +- [License compliance settings](security_and_compliance.md#choose-package-registry-metadata-to-sync): Enable or disable synchronization of package metadata by a registry type. + ### Geo **(PREMIUM SELF)** The **Geo** setting contains: 
diff --git a/doc/user/admin_area/settings/security_and_compliance.md b/doc/user/admin_area/settings/security_and_compliance.md new file mode 100644 index 00000000000000..7d7ff55b9a5321 --- /dev/null +++ b/doc/user/admin_area/settings/security_and_compliance.md @@ -0,0 +1,19 @@ +--- +stage: Secure +group: Composition Analysis +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +type: howto +--- + +# Security and Compliance Admin Area settings **(ULTIMATE SELF)** + +The [Admin Area](index.md) has the instance settings for package metadata synchronization. + +## Choose package registry metadata to sync + +To enable (or disable) synchronization with the GitLab License Database for [License Compliance](../../compliance/license_scanning_of_cyclonedx_files/index.md): + +1. Go to the top bar, select **Main menu > Admin**. +1. On the left sidebar, select **Settings > Security and Compliance**. +1. Expand **License Compliance**. +1. Check or uncheck checkboxes for the package registries that you want to sync. diff --git a/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md b/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md index e81951d93d434c..1ca10ed61db295 100644 --- a/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md +++ b/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md @@ -22,6 +22,7 @@ Licenses not in the SPDX list are reported as "Unknown". License information can Prerequisites: +- Enable [Synchronization with the GitLab License Database](../../admin_area/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync) in Admin Area for the GitLab instance. - Enable [Dependency Scanning](../../application_security/dependency_scanning/index.md#configuration). From the `.gitlab-ci.yml` file, remove the deprecated line `Jobs/License-Scanning.gitlab-ci.yml`, if -- GitLab 
From c234d0eba5ceead91cd799e90acd00fc89b69fb0 Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Thu, 6 Apr 2023 17:41:17 +0200 Subject: [PATCH 06/11] Make test more abstract --- .../sync_configuration_spec.rb | 57 ++++++++++--------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/ee/spec/models/package_metadata/sync_configuration_spec.rb b/ee/spec/models/package_metadata/sync_configuration_spec.rb index d0ce8636b04440..6f0885d6fc5c59 100644 --- a/ee/spec/models/package_metadata/sync_configuration_spec.rb +++ b/ee/spec/models/package_metadata/sync_configuration_spec.rb 
@@ -9,36 +9,37 @@ context 'with all purl types allowed to sync' do before do # stub application setting with all available at the moment package metadata types - stub_application_setting(package_metadata_purl_types: [1, 2, 3, 4, 5, 6, 7, 8]) + stub_application_setting(package_metadata_purl_types: Enums::PackageMetadata.purl_types.values) end - it 'returns a configuration instance for each known purl type' do - expect(registries).to match_array([ - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'composer'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'conan'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'gem'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'golang'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'maven'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'npm'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'nuget'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'pypi'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'apk'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'rpm'), - have_attributes(storage_type: :gcp, base_uri: 
described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'deb'), - have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, - version_format: described_class::VERSION_FORMAT, purl_type: 'cbl_mariner') - ]) + it 'returns a configuration instance for each known purl type' do + expect(configurations).to match_array([ + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'composer'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'conan'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'gem'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'golang'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'maven'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'npm'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'nuget'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'pypi'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'apk'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'rpm'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, 
purl_type: 'deb'), + have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, + version_format: described_class::VERSION_FORMAT, purl_type: 'cbl_mariner') + ]) + end end context 'with some purl types allowed to sync' do -- GitLab From b132ab8873c93973fc46b8338645c5ecb233b7b0 Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Thu, 6 Apr 2023 20:49:33 +0200 Subject: [PATCH 07/11] Add missed test for helper --- .../ee/application_settings_helper_spec.rb | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/ee/spec/helpers/ee/application_settings_helper_spec.rb b/ee/spec/helpers/ee/application_settings_helper_spec.rb index eae3de27193993..12d4603f954f3c 100644 --- a/ee/spec/helpers/ee/application_settings_helper_spec.rb +++ b/ee/spec/helpers/ee/application_settings_helper_spec.rb 
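Review bot: The expectation is still twelve hand-written `have_attributes` matchers even though the stub above it is now derived from `Enums::PackageMetadata.purl_types.values`, so the example has to be edited by hand whenever a purl type is added. Building the list from the same enum keeps the two in step, for example `expected = Enums::PackageMetadata.purl_types.keys.map { |type| have_attributes(storage_type: :gcp, base_uri: described_class::BUCKET_NAME, version_format: described_class::VERSION_FORMAT, purl_type: type.to_s) }` followed by `expect(configurations).to match_array(expected)`; this assumes the enum keys are the purl type names. The `#sync_purl_types_checkboxes` example added in the next patch has the same shape, with ids 1 to 12 tied to array positions. The surrounding `describe` block starts and ends outside the hunk.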
@@ -125,4 +125,33 @@ auto_ban_user_on_excessive_projects_download: 'true' }) end end + + describe '#sync_purl_types_checkboxes', feature_category: :license_compliance do + let_it_be(:application_setting) { build(:application_setting) } + + before do + application_setting.package_metadata_purl_types = [1, 5] + + helper.instance_variable_set(:@application_setting, application_setting) + end + + it 'returns correctly checked purl type checkboxes' do + helper.gitlab_ui_form_for(application_setting, url: '/admin/application_settings/security_and_compliance') do |form| + result = helper.sync_purl_types_checkboxes(form) + + expect(result[0]).to have_checked_field('composer', with: 1) + expect(result[1]).to have_unchecked_field('conan', with: 2) + expect(result[2]).to have_unchecked_field('gem', with: 3) + expect(result[3]).to have_unchecked_field('golang', with: 4) + expect(result[4]).to have_checked_field('maven', with: 5) + expect(result[5]).to have_unchecked_field('npm', with: 6) + expect(result[6]).to have_unchecked_field('nuget', with: 7) + expect(result[7]).to have_unchecked_field('pypi', with: 8) + expect(result[8]).to have_unchecked_field('apk', with: 9) + expect(result[9]).to have_unchecked_field('rpm', with: 10) + expect(result[10]).to have_unchecked_field('deb', with: 11) + expect(result[11]).to have_unchecked_field('cbl_mariner', with: 12) + end + end + end end -- GitLab From 3a07391f25b66d34ce7b28e42443fcf5140b6486 Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Wed, 12 Apr 2023 19:26:30 +0200 Subject: [PATCH 08/11] Update column type in migration --- db/migrate/20230403145705_add_purl_sync_to_settings.rb | 2 +- db/structure.sql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/db/migrate/20230403145705_add_purl_sync_to_settings.rb b/db/migrate/20230403145705_add_purl_sync_to_settings.rb index 7cdeef72df76fe..3bc9ce07235487 100644 --- a/db/migrate/20230403145705_add_purl_sync_to_settings.rb 
+++ b/db/migrate/20230403145705_add_purl_sync_to_settings.rb @@ -2,6 +2,6 @@ class AddPurlSyncToSettings < Gitlab::Database::Migration[2.1] def change - add_column :application_settings, :package_metadata_purl_types, :integer, array: true, default: [] + add_column :application_settings, :package_metadata_purl_types, :smallint, array: true, default: [] end end diff --git a/db/structure.sql b/db/structure.sql index e5b88e80b48ef0..21065c1cde1f40 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -11757,7 +11757,7 @@ CREATE TABLE application_settings ( encrypted_openai_api_key bytea, encrypted_openai_api_key_iv bytea, database_max_running_batched_background_migrations integer DEFAULT 2 NOT NULL, - package_metadata_purl_types integer[] DEFAULT '{}'::integer[], + package_metadata_purl_types smallint[] DEFAULT '{}'::smallint[], CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)), CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)), CONSTRAINT app_settings_dep_proxy_ttl_policies_worker_capacity_positive CHECK ((dependency_proxy_ttl_group_policy_worker_capacity >= 0)), -- GitLab From f21966c28b921046b686a4e6b6a035198466506e Mon Sep 17 00:00:00 2001 From: Tetiana Chupryna Date: Wed, 12 Apr 2023 19:26:45 +0200 Subject: [PATCH 09/11] Address review comments --- ee/app/models/ee/application_setting.rb | 2 ++ ee/spec/models/application_setting_spec.rb | 7 +++++++ .../services/package_metadata/sync_service_spec.rb | 13 +++++++++++++ 3 files changed, 22 insertions(+) diff --git a/ee/app/models/ee/application_setting.rb b/ee/app/models/ee/application_setting.rb index 281166b37d26a7..f39337c5140f89 100644 --- a/ee/app/models/ee/application_setting.rb +++ b/ee/app/models/ee/application_setting.rb 
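Review bot: `package_metadata_purl_types` is added with `default: []` but no `null: false`, so the column still accepts NULL; the `db/structure.sql` hunk in this patch shows it without `NOT NULL`, unlike the `database_max_running_batched_background_migrations` line above it. The `inclusion` validation added to `ee/app/models/ee/application_setting.rb` in the following patch has no `allow_nil`, so a NULL here would probably make the settings record invalid, and code that iterates the value would need a nil guard. I would declare it as `add_column :application_settings, :package_metadata_purl_types, :smallint, array: true, default: [], null: false`.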
@@ -191,6 +191,8 @@ module ApplicationSetting presence: true, if: :product_analytics_enabled + validates :package_metadata_purl_types, inclusion: { in: ::Enums::PackageMetadata.purl_types.values } + alias_attribute :delayed_project_deletion, :delayed_project_removal before_save :update_lock_delayed_project_removal, if: :delayed_group_deletion_changed? diff --git a/ee/spec/models/application_setting_spec.rb b/ee/spec/models/application_setting_spec.rb index 9cce4fd63b5e50..87c0019ab8ddb8 100644 --- a/ee/spec/models/application_setting_spec.rb +++ b/ee/spec/models/application_setting_spec.rb @@ -453,6 +453,13 @@ it { is_expected.to allow_value(nil).for(:product_analytics_data_collector_host) } end end + + describe 'package_metadata_purl_types', feature_category: :license_compliance do + it { is_expected.to allow_value(1).for(:package_metadata_purl_types) } + it { is_expected.to allow_value(12).for(:package_metadata_purl_types) } + it { is_expected.not_to allow_value(13).for(:package_metadata_purl_types) } + it { is_expected.not_to allow_value(0).for(:package_metadata_purl_types) } + end end describe 'search curation settings after .create_from_defaults', feature_category: :global_search do diff --git a/ee/spec/services/package_metadata/sync_service_spec.rb b/ee/spec/services/package_metadata/sync_service_spec.rb index b3df02b58b2502..063c3b05d91a03 100644 --- a/ee/spec/services/package_metadata/sync_service_spec.rb +++ b/ee/spec/services/package_metadata/sync_service_spec.rb @@ -139,6 +139,19 @@ execute end end + + context 'when none purl types enabled to sync' do + let(:should_stop) { false } + + before do + stub_application_setting(package_metadata_purl_types: []) + end + + it 'does not proceed' do + expect(described_class).not_to receive(:new) + execute + end + end end describe '.connector_for' do -- GitLab From caa39fa4c659c79fc18f7d2ad0a0e7eaead1c600 Mon Sep 17 00:00:00 2001 
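Review bot: The four `package_metadata_purl_types` examples in `ee/spec/models/application_setting_spec.rb` pass scalars (`1`, `12`, `13`, `0`) to a column that is declared as an array, so the shape the setting actually stores is not covered; the other specs in this series set it to arrays such as `[1, 5]` and `[]`. I would add array cases, for example `it { is_expected.to allow_value([1, 12]).for(:package_metadata_purl_types) }` and `it { is_expected.not_to allow_value([1, 13]).for(:package_metadata_purl_types) }`, plus one for `[]`, which is the value the sync service spec relies on to mean that nothing is synced. The literal bounds 12 and 13 also have to be edited when the enum grows. The enclosing `describe` block starts outside the hunk.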
From: Tetiana Chupryna Date: Wed, 12 Apr 2023 19:33:14 +0200 Subject: [PATCH 10/11] Update documentation according to review --- doc/user/admin_area/settings/security_and_compliance.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/doc/user/admin_area/settings/security_and_compliance.md b/doc/user/admin_area/settings/security_and_compliance.md index 7d7ff55b9a5321..13abf1027cd411 100644 --- a/doc/user/admin_area/settings/security_and_compliance.md +++ b/doc/user/admin_area/settings/security_and_compliance.md @@ -7,13 +7,14 @@ type: howto # Security and Compliance Admin Area settings **(ULTIMATE SELF)** -The [Admin Area](index.md) has the instance settings for package metadata synchronization. +The settings for package metadata synchronization are located in the [Admin Area](index.md). ## Choose package registry metadata to sync -To enable (or disable) synchronization with the GitLab License Database for [License Compliance](../../compliance/license_scanning_of_cyclonedx_files/index.md): +To choose the packages you want to synchronize with the GitLab License Database for [License Compliance](../../compliance/license_scanning_of_cyclonedx_files/index.md): -1. Go to the top bar, select **Main menu > Admin**. +1. On the top bar, select **Main menu > Admin**. 1. On the left sidebar, select **Settings > Security and Compliance**. 1. Expand **License Compliance**. -1. Check or uncheck checkboxes for the package registries that you want to sync. +1. Select or clear checkboxes for the package registries that you want to sync. +1. Select **Save changes**. -- GitLab From 92de49668ea3f84f96c343d92ad9adacc13775e3 Mon Sep 17 00:00:00 2001 
From: Tetiana Chupryna Date: Thu, 13 Apr 2023 13:50:31 +0200 Subject: [PATCH 11/11] Update feature category name --- ee/app/controllers/ee/admin/application_settings_controller.rb | 2 +- ee/spec/helpers/ee/application_settings_helper_spec.rb | 2 +- ee/spec/models/application_setting_spec.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ee/app/controllers/ee/admin/application_settings_controller.rb b/ee/app/controllers/ee/admin/application_settings_controller.rb index ab42039a176f05..8b17f2652e21a5 100644 --- a/ee/app/controllers/ee/admin/application_settings_controller.rb +++ b/ee/app/controllers/ee/admin/application_settings_controller.rb @@ -22,7 +22,7 @@ module ApplicationSettingsController feature_category :sm_provisioning, [:seat_link_payload] feature_category :source_code_management, [:templates] feature_category :global_search, [:advanced_search] - feature_category :license_compliance, [:security_and_compliance] + feature_category :software_composition_analysis, [:security_and_compliance] urgency :low, [:advanced_search, :seat_link_payload] def elasticsearch_reindexing_task diff --git a/ee/spec/helpers/ee/application_settings_helper_spec.rb b/ee/spec/helpers/ee/application_settings_helper_spec.rb index 12d4603f954f3c..0cd71a75a1e0c0 100644 --- a/ee/spec/helpers/ee/application_settings_helper_spec.rb +++ b/ee/spec/helpers/ee/application_settings_helper_spec.rb @@ -126,7 +126,7 @@ end end - describe '#sync_purl_types_checkboxes', feature_category: :license_compliance do + describe '#sync_purl_types_checkboxes', feature_category: :software_composition_analysis do let_it_be(:application_setting) { build(:application_setting) } before do diff --git a/ee/spec/models/application_setting_spec.rb b/ee/spec/models/application_setting_spec.rb index 87c0019ab8ddb8..6617f747b36d78 100644 --- a/ee/spec/models/application_setting_spec.rb +++ b/ee/spec/models/application_setting_spec.rb 
@@ -454,7 +454,7 @@ end end - describe 'package_metadata_purl_types', feature_category: :license_compliance do + describe 'package_metadata_purl_types', feature_category: :software_composition_analysis do it { is_expected.to allow_value(1).for(:package_metadata_purl_types) } it { is_expected.to allow_value(12).for(:package_metadata_purl_types) } it { is_expected.not_to allow_value(13).for(:package_metadata_purl_types) } -- GitLab