diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-10 06:12:01 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-10 06:12:01 +0300 |
commit | fea86fb8bf2339727de5e91ccf17ab105e993dca (patch) | |
tree | 25ddd67b8131643fa648f052eb29d527d72bdda3 /spec/frontend | |
parent | ec4891efa777d951afdbff95557bbcf5fda00188 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/frontend')
3 files changed, 167 insertions, 23 deletions
diff --git a/spec/frontend/security_configuration/components/feature_card_spec.js b/spec/frontend/security_configuration/components/feature_card_spec.js index 9efee2a409a..f1826e0e138 100644 --- a/spec/frontend/security_configuration/components/feature_card_spec.js +++ b/spec/frontend/security_configuration/components/feature_card_spec.js @@ -1,7 +1,7 @@ import { GlIcon } from '@gitlab/ui'; import { mount } from '@vue/test-utils'; import { extendedWrapper } from 'helpers/vue_test_utils_helper'; -import { securityFeatures } from '~/security_configuration/constants'; +import { securityFeatures } from 'jest/security_configuration/mock_data'; import FeatureCard from '~/security_configuration/components/feature_card.vue'; import FeatureCardBadge from '~/security_configuration/components/feature_card_badge.vue'; import ManageViaMr from '~/vue_shared/security_configuration/components/manage_via_mr.vue'; diff --git a/spec/frontend/security_configuration/mock_data.js b/spec/frontend/security_configuration/mock_data.js index 208256afdbd..f47d4f69cd0 100644 --- a/spec/frontend/security_configuration/mock_data.js +++ b/spec/frontend/security_configuration/mock_data.js @@ -1,11 +1,17 @@ import { SAST_NAME, SAST_SHORT_NAME, - SAST_DESCRIPTION, - SAST_HELP_PATH, - SAST_CONFIG_HELP_PATH, + SAST_IAC_NAME, + SAST_IAC_SHORT_NAME, } from '~/security_configuration/constants'; -import { REPORT_TYPE_SAST } from '~/vue_shared/security_reports/constants'; +import { __, s__ } from '~/locale'; +import { helpPagePath } from '~/helpers/help_page_helper'; + +import { + REPORT_TYPE_SAST, + REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION, + REPORT_TYPE_SAST_IAC, +} from '~/vue_shared/security_reports/constants'; export const testProjectPath = 'foo/bar'; export const testProviderIds = [101, 102, 103]; @@ -16,6 +22,71 @@ export const testTrainingUrls = [ 'https://www.vendornamethree.com/url', ]; +const SAST_DESCRIPTION = __('Analyze your source code for known vulnerabilities.'); +const SAST_HELP_PATH = helpPagePath('user/application_security/sast/index'); +const SAST_CONFIG_HELP_PATH = helpPagePath('user/application_security/sast/index', { + anchor: 'configuration', +}); + +const BAS_BADGE_TEXT = s__('SecurityConfiguration|Incubating feature'); +const BAS_BADGE_TOOLTIP = s__( + 'SecurityConfiguration|Breach and Attack Simulation is an incubating feature extending existing security testing by simulating adversary activity.', +); +const BAS_DESCRIPTION = s__( + 'SecurityConfiguration|Simulate breach and attack scenarios against your running application by attempting to detect and exploit known vulnerabilities.', +); +const BAS_HELP_PATH = helpPagePath('user/application_security/breach_and_attack_simulation/index'); +const BAS_NAME = s__('SecurityConfiguration|Breach and Attack Simulation (BAS)'); +const BAS_SHORT_NAME = s__('SecurityConfiguration|BAS'); +const BAS_DAST_FEATURE_FLAG_DESCRIPTION = s__( + 'SecurityConfiguration|Enable incubating Breach and Attack Simulation focused features such as callback attacks in your DAST scans.', +); +const BAS_DAST_FEATURE_FLAG_HELP_PATH = helpPagePath( + 'user/application_security/breach_and_attack_simulation/index', + { anchor: 'extend-dynamic-application-security-testing-dast' }, +); +const BAS_DAST_FEATURE_FLAG_NAME = s__( + 'SecurityConfiguration|Out-of-Band Application Security Testing (OAST)', +); + +const SAST_IAC_DESCRIPTION = __( + 'Analyze your infrastructure as code configuration files for known vulnerabilities.', +); +const SAST_IAC_HELP_PATH = helpPagePath('user/application_security/iac_scanning/index'); +const SAST_IAC_CONFIG_HELP_PATH = helpPagePath('user/application_security/iac_scanning/index', { + anchor: 'configuration', +}); + +export const securityFeatures = [ + { + anchor: 'bas', + badge: { + alwaysDisplay: true, + text: BAS_BADGE_TEXT, + tooltipText: BAS_BADGE_TOOLTIP, + variant: 'info', + }, + description: BAS_DESCRIPTION, + name: BAS_NAME, + helpPath: BAS_HELP_PATH, + secondary: { + configurationHelpPath: BAS_DAST_FEATURE_FLAG_HELP_PATH, + description: BAS_DAST_FEATURE_FLAG_DESCRIPTION, + name: BAS_DAST_FEATURE_FLAG_NAME, + }, + shortName: BAS_SHORT_NAME, + type: REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION, + }, + { + name: SAST_IAC_NAME, + shortName: SAST_IAC_SHORT_NAME, + description: SAST_IAC_DESCRIPTION, + helpPath: SAST_IAC_HELP_PATH, + configurationHelpPath: SAST_IAC_CONFIG_HELP_PATH, + type: REPORT_TYPE_SAST_IAC, + }, +]; + const createSecurityTrainingProviders = ({ providerOverrides = {} }) => [ { id: testProviderIds[0], diff --git a/spec/frontend/security_configuration/utils_spec.js b/spec/frontend/security_configuration/utils_spec.js index 3c6d4baa30f..f2eeaca8987 100644 --- a/spec/frontend/security_configuration/utils_spec.js +++ b/spec/frontend/security_configuration/utils_spec.js @@ -6,6 +6,46 @@ describe('augmentFeatures', () => { { name: 'SAST', type: 'SAST', + security_features: { + type: 'SAST', + }, + }, + ]; + + const expectedMockSecurityFeatures = [ + { + name: 'SAST', + type: 'SAST', + securityFeatures: { + type: 'SAST', + }, + }, + ]; + + const expectedInvalidMockSecurityFeatures = [ + { + foo: 'bar', + name: 'SAST', + type: 'SAST', + securityFeatures: { + type: 'SAST', + }, + }, + ]; + + const expectedSecondarymockSecurityFeatures = [ + { + name: 'DAST', + type: 'DAST', + helpPath: '/help/user/application_security/dast/index', + secondary: { + type: 'DAST PROFILES', + name: 'DAST PROFILES', + }, + securityFeatures: { + type: 'DAST', + helpPath: '/help/user/application_security/dast/index', + }, }, ]; @@ -17,6 +57,10 @@ describe('augmentFeatures', () => { type: 'DAST PROFILES', name: 'DAST PROFILES', }, + security_features: { + type: 'DAST', + help_path: '/help/user/application_security/dast/index', + }, }, ]; @@ -31,6 +75,9 @@ describe('augmentFeatures', () => { name: 'SAST', type: 'SAST', customField: 'customvalue', + securityFeatures: { + type: 'SAST', + }, }, ]; @@ -38,6 +85,9 @@ describe('augmentFeatures', () => { { name: 'DAST', type: 'dast', + security_features: { + type: 'DAST', + }, }, ]; @@ -48,6 +98,9 @@ describe('augmentFeatures', () => { customField: 'customvalue', onDemandAvailable: false, badge: {}, + security_features: { + type: 'dast', + }, }, ]; @@ -58,6 +111,9 @@ describe('augmentFeatures', () => { customField: 'customvalue', onDemandAvailable: true, badge: {}, + security_features: { + type: 'dast', + }, }, ]; @@ -70,11 +126,15 @@ describe('augmentFeatures', () => { ]; const expectedOutputDefault = { - augmentedSecurityFeatures: mockSecurityFeatures, + augmentedSecurityFeatures: expectedMockSecurityFeatures, + }; + + const expectedInvalidOutputDefault = { + augmentedSecurityFeatures: expectedInvalidMockSecurityFeatures, }; const expectedOutputSecondary = { - augmentedSecurityFeatures: mockSecurityFeatures, + augmentedSecurityFeatures: expectedSecondarymockSecurityFeatures, }; const expectedOutputCustomFeature = { @@ -88,6 +148,9 @@ describe('augmentFeatures', () => { type: 'dast', customField: 'customvalue', onDemandAvailable: false, + securityFeatures: { + type: 'dast', + }, }, ], }; @@ -100,52 +163,62 @@ describe('augmentFeatures', () => { customField: 'customvalue', onDemandAvailable: true, badge: {}, + securityFeatures: { + type: 'dast', + }, }, ], }; describe('returns an object with augmentedSecurityFeatures when', () => { - it('given an empty array', () => { - expect(augmentFeatures(mockSecurityFeatures, [])).toEqual(expectedOutputDefault); + it('given an properly formatted array', () => { + expect(augmentFeatures(mockSecurityFeatures)).toEqual(expectedOutputDefault); }); it('given an invalid populated array', () => { - expect(augmentFeatures(mockSecurityFeatures, mockInvalidCustomFeature)).toEqual( - expectedOutputDefault, - ); + expect( + augmentFeatures([{ ...mockSecurityFeatures[0], ...mockInvalidCustomFeature[0] }]), + ).toEqual(expectedInvalidOutputDefault); }); it('features have secondary key', () => { - expect(augmentFeatures(mockSecurityFeatures, mockFeaturesWithSecondary, [])).toEqual( - expectedOutputSecondary, - ); + expect( + augmentFeatures([{ ...mockSecurityFeatures[0], ...mockFeaturesWithSecondary[0] }]), + ).toEqual(expectedOutputSecondary); }); it('given a valid populated array', () => { - expect(augmentFeatures(mockSecurityFeatures, mockValidCustomFeature)).toEqual( - expectedOutputCustomFeature, - ); + expect( + augmentFeatures([{ ...mockSecurityFeatures[0], ...mockValidCustomFeature[0] }]), + ).toEqual(expectedOutputCustomFeature); }); }); describe('returns an object with camelcased keys', () => { it('given a customfeature in snakecase', () => { - expect(augmentFeatures(mockSecurityFeatures, mockValidCustomFeatureSnakeCase)).toEqual( - expectedOutputCustomFeature, - ); + expect( + augmentFeatures([{ ...mockSecurityFeatures[0], ...mockValidCustomFeatureSnakeCase[0] }]), + ).toEqual(expectedOutputCustomFeature); }); }); describe('follows onDemandAvailable', () => { it('deletes badge when false', () => { expect( - augmentFeatures(mockSecurityFeaturesDast, mockValidCustomFeatureWithOnDemandAvailableFalse), + augmentFeatures([ + { + ...mockSecurityFeaturesDast[0], + ...mockValidCustomFeatureWithOnDemandAvailableFalse[0], + }, + ]), ).toEqual(expectedOutputCustomFeatureWithOnDemandAvailableFalse); }); it('keeps badge when true', () => { expect( - augmentFeatures(mockSecurityFeaturesDast, mockValidCustomFeatureWithOnDemandAvailableTrue), + augmentFeatures([ + { ...mockSecurityFeaturesDast[0], ...mockValidCustomFeatureWithOnDemandAvailableTrue[0] }, + ]), ).toEqual(expectedOutputCustomFeatureWithOnDemandAvailableTrue); }); }); |