Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2024-01-10 06:12:01 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2024-01-10 06:12:01 +0300
commit: fea86fb8bf2339727de5e91ccf17ab105e993dca (patch)
tree: 25ddd67b8131643fa648f052eb29d527d72bdda3 /spec/frontend
parent: ec4891efa777d951afdbff95557bbcf5fda00188 (diff)
3 files changed, 167 insertions, 23 deletions
diff --git a/spec/frontend/security_configuration/components/feature_card_spec.js b/spec/frontend/security_configuration/components/feature_card_spec.js
index 9efee2a409a..f1826e0e138 100644
--- a/spec/frontend/security_configuration/components/feature_card_spec.js
+++ b/spec/frontend/security_configuration/components/feature_card_spec.js
@@ -1,7 +1,7 @@
 import { GlIcon } from '@gitlab/ui';
 import { mount } from '@vue/test-utils';
 import { extendedWrapper } from 'helpers/vue_test_utils_helper';
-import { securityFeatures } from '~/security_configuration/constants';
+import { securityFeatures } from 'jest/security_configuration/mock_data';
 import FeatureCard from '~/security_configuration/components/feature_card.vue';
 import FeatureCardBadge from '~/security_configuration/components/feature_card_badge.vue';
 import ManageViaMr from '~/vue_shared/security_configuration/components/manage_via_mr.vue';
diff --git a/spec/frontend/security_configuration/mock_data.js b/spec/frontend/security_configuration/mock_data.js
index 208256afdbd..f47d4f69cd0 100644
--- a/spec/frontend/security_configuration/mock_data.js
+++ b/spec/frontend/security_configuration/mock_data.js
@@ -1,11 +1,17 @@
 import {
   SAST_NAME,
   SAST_SHORT_NAME,
-  SAST_DESCRIPTION,
-  SAST_HELP_PATH,
-  SAST_CONFIG_HELP_PATH,
+  SAST_IAC_NAME,
+  SAST_IAC_SHORT_NAME,
 } from '~/security_configuration/constants';
-import { REPORT_TYPE_SAST } from '~/vue_shared/security_reports/constants';
+import { __, s__ } from '~/locale';
+import { helpPagePath } from '~/helpers/help_page_helper';
+
+import {
+  REPORT_TYPE_SAST,
+  REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION,
+  REPORT_TYPE_SAST_IAC,
+} from '~/vue_shared/security_reports/constants';
 
 export const testProjectPath = 'foo/bar';
 export const testProviderIds = [101, 102, 103];
@@ -16,6 +22,71 @@ export const testTrainingUrls = [
   'https://www.vendornamethree.com/url',
 ];
 
+const SAST_DESCRIPTION = __('Analyze your source code for known vulnerabilities.');
+const SAST_HELP_PATH = helpPagePath('user/application_security/sast/index');
+const SAST_CONFIG_HELP_PATH = helpPagePath('user/application_security/sast/index', {
+  anchor: 'configuration',
+});
+
+const BAS_BADGE_TEXT = s__('SecurityConfiguration|Incubating feature');
+const BAS_BADGE_TOOLTIP = s__(
+  'SecurityConfiguration|Breach and Attack Simulation is an incubating feature extending existing security testing by simulating adversary activity.',
+);
+const BAS_DESCRIPTION = s__(
+  'SecurityConfiguration|Simulate breach and attack scenarios against your running application by attempting to detect and exploit known vulnerabilities.',
+);
+const BAS_HELP_PATH = helpPagePath('user/application_security/breach_and_attack_simulation/index');
+const BAS_NAME = s__('SecurityConfiguration|Breach and Attack Simulation (BAS)');
+const BAS_SHORT_NAME = s__('SecurityConfiguration|BAS');
+const BAS_DAST_FEATURE_FLAG_DESCRIPTION = s__(
+  'SecurityConfiguration|Enable incubating Breach and Attack Simulation focused features such as callback attacks in your DAST scans.',
+);
+const BAS_DAST_FEATURE_FLAG_HELP_PATH = helpPagePath(
+  'user/application_security/breach_and_attack_simulation/index',
+  { anchor: 'extend-dynamic-application-security-testing-dast' },
+);
+const BAS_DAST_FEATURE_FLAG_NAME = s__(
+  'SecurityConfiguration|Out-of-Band Application Security Testing (OAST)',
+);
+
+const SAST_IAC_DESCRIPTION = __(
+  'Analyze your infrastructure as code configuration files for known vulnerabilities.',
+);
+const SAST_IAC_HELP_PATH = helpPagePath('user/application_security/iac_scanning/index');
+const SAST_IAC_CONFIG_HELP_PATH = helpPagePath('user/application_security/iac_scanning/index', {
+  anchor: 'configuration',
+});
+
+export const securityFeatures = [
+  {
+    anchor: 'bas',
+    badge: {
+      alwaysDisplay: true,
+      text: BAS_BADGE_TEXT,
+      tooltipText: BAS_BADGE_TOOLTIP,
+      variant: 'info',
+    },
+    description: BAS_DESCRIPTION,
+    name: BAS_NAME,
+    helpPath: BAS_HELP_PATH,
+    secondary: {
+      configurationHelpPath: BAS_DAST_FEATURE_FLAG_HELP_PATH,
+      description: BAS_DAST_FEATURE_FLAG_DESCRIPTION,
+      name: BAS_DAST_FEATURE_FLAG_NAME,
+    },
+    shortName: BAS_SHORT_NAME,
+    type: REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION,
+  },
+  {
+    name: SAST_IAC_NAME,
+    shortName: SAST_IAC_SHORT_NAME,
+    description: SAST_IAC_DESCRIPTION,
+    helpPath: SAST_IAC_HELP_PATH,
+    configurationHelpPath: SAST_IAC_CONFIG_HELP_PATH,
+    type: REPORT_TYPE_SAST_IAC,
+  },
+];
+
 const createSecurityTrainingProviders = ({ providerOverrides = {} }) => [
   {
     id: testProviderIds[0],
diff --git a/spec/frontend/security_configuration/utils_spec.js b/spec/frontend/security_configuration/utils_spec.js
index 3c6d4baa30f..f2eeaca8987 100644
--- a/spec/frontend/security_configuration/utils_spec.js
+++ b/spec/frontend/security_configuration/utils_spec.js
@@ -6,6 +6,46 @@ describe('augmentFeatures', () => {
     {
       name: 'SAST',
       type: 'SAST',
+      security_features: {
+        type: 'SAST',
+      },
+    },
+  ];
+
+  const expectedMockSecurityFeatures = [
+    {
+      name: 'SAST',
+      type: 'SAST',
+      securityFeatures: {
+        type: 'SAST',
+      },
+    },
+  ];
+
+  const expectedInvalidMockSecurityFeatures = [
+    {
+      foo: 'bar',
+      name: 'SAST',
+      type: 'SAST',
+      securityFeatures: {
+        type: 'SAST',
+      },
+    },
+  ];
+
+  const expectedSecondarymockSecurityFeatures = [
+    {
+      name: 'DAST',
+      type: 'DAST',
+      helpPath: '/help/user/application_security/dast/index',
+      secondary: {
+        type: 'DAST PROFILES',
+        name: 'DAST PROFILES',
+      },
+      securityFeatures: {
+        type: 'DAST',
+        helpPath: '/help/user/application_security/dast/index',
+      },
     },
   ];
 
@@ -17,6 +57,10 @@ describe('augmentFeatures', () => {
         type: 'DAST PROFILES',
         name: 'DAST PROFILES',
       },
+      security_features: {
+        type: 'DAST',
+        help_path: '/help/user/application_security/dast/index',
+      },
     },
   ];
 
@@ -31,6 +75,9 @@ describe('augmentFeatures', () => {
       name: 'SAST',
       type: 'SAST',
       customField: 'customvalue',
+      securityFeatures: {
+        type: 'SAST',
+      },
     },
   ];
 
@@ -38,6 +85,9 @@ describe('augmentFeatures', () => {
     {
       name: 'DAST',
       type: 'dast',
+      security_features: {
+        type: 'DAST',
+      },
     },
   ];
 
@@ -48,6 +98,9 @@ describe('augmentFeatures', () => {
       customField: 'customvalue',
       onDemandAvailable: false,
       badge: {},
+      security_features: {
+        type: 'dast',
+      },
     },
   ];
 
@@ -58,6 +111,9 @@ describe('augmentFeatures', () => {
       customField: 'customvalue',
       onDemandAvailable: true,
       badge: {},
+      security_features: {
+        type: 'dast',
+      },
     },
   ];
 
@@ -70,11 +126,15 @@ describe('augmentFeatures', () => {
   ];
 
   const expectedOutputDefault = {
-    augmentedSecurityFeatures: mockSecurityFeatures,
+    augmentedSecurityFeatures: expectedMockSecurityFeatures,
+  };
+
+  const expectedInvalidOutputDefault = {
+    augmentedSecurityFeatures: expectedInvalidMockSecurityFeatures,
   };
 
   const expectedOutputSecondary = {
-    augmentedSecurityFeatures: mockSecurityFeatures,
+    augmentedSecurityFeatures: expectedSecondarymockSecurityFeatures,
   };
 
   const expectedOutputCustomFeature = {
@@ -88,6 +148,9 @@ describe('augmentFeatures', () => {
         type: 'dast',
         customField: 'customvalue',
         onDemandAvailable: false,
+        securityFeatures: {
+          type: 'dast',
+        },
       },
     ],
   };
@@ -100,52 +163,62 @@ describe('augmentFeatures', () => {
         customField: 'customvalue',
         onDemandAvailable: true,
         badge: {},
+        securityFeatures: {
+          type: 'dast',
+        },
       },
     ],
   };
 
   describe('returns an object with augmentedSecurityFeatures  when', () => {
-    it('given an empty array', () => {
-      expect(augmentFeatures(mockSecurityFeatures, [])).toEqual(expectedOutputDefault);
+    it('given an properly formatted array', () => {
+      expect(augmentFeatures(mockSecurityFeatures)).toEqual(expectedOutputDefault);
     });
 
     it('given an invalid populated array', () => {
-      expect(augmentFeatures(mockSecurityFeatures, mockInvalidCustomFeature)).toEqual(
-        expectedOutputDefault,
-      );
+      expect(
+        augmentFeatures([{ ...mockSecurityFeatures[0], ...mockInvalidCustomFeature[0] }]),
+      ).toEqual(expectedInvalidOutputDefault);
     });
 
     it('features have secondary key', () => {
-      expect(augmentFeatures(mockSecurityFeatures, mockFeaturesWithSecondary, [])).toEqual(
-        expectedOutputSecondary,
-      );
+      expect(
+        augmentFeatures([{ ...mockSecurityFeatures[0], ...mockFeaturesWithSecondary[0] }]),
+      ).toEqual(expectedOutputSecondary);
     });
 
     it('given a valid populated array', () => {
-      expect(augmentFeatures(mockSecurityFeatures, mockValidCustomFeature)).toEqual(
-        expectedOutputCustomFeature,
-      );
+      expect(
+        augmentFeatures([{ ...mockSecurityFeatures[0], ...mockValidCustomFeature[0] }]),
+      ).toEqual(expectedOutputCustomFeature);
     });
   });
 
   describe('returns an object with camelcased keys', () => {
     it('given a customfeature in snakecase', () => {
-      expect(augmentFeatures(mockSecurityFeatures, mockValidCustomFeatureSnakeCase)).toEqual(
-        expectedOutputCustomFeature,
-      );
+      expect(
+        augmentFeatures([{ ...mockSecurityFeatures[0], ...mockValidCustomFeatureSnakeCase[0] }]),
+      ).toEqual(expectedOutputCustomFeature);
     });
   });
 
   describe('follows onDemandAvailable', () => {
     it('deletes badge when false', () => {
       expect(
-        augmentFeatures(mockSecurityFeaturesDast, mockValidCustomFeatureWithOnDemandAvailableFalse),
+        augmentFeatures([
+          {
+            ...mockSecurityFeaturesDast[0],
+            ...mockValidCustomFeatureWithOnDemandAvailableFalse[0],
+          },
+        ]),
       ).toEqual(expectedOutputCustomFeatureWithOnDemandAvailableFalse);
     });
 
     it('keeps badge when true', () => {
       expect(
-        augmentFeatures(mockSecurityFeaturesDast, mockValidCustomFeatureWithOnDemandAvailableTrue),
+        augmentFeatures([
+          { ...mockSecurityFeaturesDast[0], ...mockValidCustomFeatureWithOnDemandAvailableTrue[0] },
+        ]),
       ).toEqual(expectedOutputCustomFeatureWithOnDemandAvailableTrue);
     });
   });
author	GitLab Bot <gitlab-bot@gitlab.com>	2024-01-10 06:12:01 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2024-01-10 06:12:01 +0300
commit	fea86fb8bf2339727de5e91ccf17ab105e993dca (patch)
tree	25ddd67b8131643fa648f052eb29d527d72bdda3 /spec/frontend
parent	ec4891efa777d951afdbff95557bbcf5fda00188 (diff)