Display 'License-Check' approval rule in the license compliance section
Problem to solve
Currently adding License-Check
can only be done in settings > general > MR approvals. Additionally, the feature is not visible in the UI. Activating the License-Check
currently the only enforcement that will disallow an MR when a license is "Denied".
Context: this issue is based on discovery work done in https://gitlab.com/gitlab-org/gitlab-ee/issues/12941, where a policies section was added to license compliance.
Further details
- Related issues: #31922 (closed) and #39209 (closed)
Intended users
- Compliance Role wants to see that they are following policies that have been set, edit policies as needed, and set policies for unclassified licenses.
- Delaney (Development Team Lead)
- Sasha (Software Developer)
- Sam (Security Analyst)\
- Legal and/or person responsible for orgs compliance
Solution
Display in License Compliance > Policies License-Check
: 1) ability to edit/on/off the check, 2) notify the user when license-check
is activated (add tooltip as seen in the MR)
License-Check |
---|
Permissions and Security
- Developer view may see license check is active, but can't adjust them (link leads to documentation)
- Maintainer may view/add/edit/delete license check
Documentation
- Will need to update
License-Check
documentation, citing location in License Compliance > Policies
Testing
QA should add applicable end to end test to cover off functionality.
Notes added to the Licence Policy end-to-end test ticket #219461 (closed)
Developer should update the spec tests for applicable coverage.
What does success look like, and how can we measure that?
- User is aware of what
License-Check
is and how it affects their project - User navigates to this section when tasked with setting up
License-Check
- User is able to successfully enable/disable/edit
License-Check
What is the type of buyer?
Links / references
- Discovery issue: #12941 (closed)
- Related research: ux-research#206 (closed)
Initial description
#13067 (closed) adds the ability to use the 'License-Check' approval rule
Clickable mocks at: #6924 (comment 193704556)
Implementation Plan
Frontend - person
-
Insert endpoints via HAML data-attributes (CRUD endpoints) -
Add new vuex-module ( license_check
) toee/app/assets/javascripts/approvals/stores/modules
-
Add modules to ee/app/assets/javascripts/license_compliance/store/index.js
:-
license_check
-
createModal
-
deleteModal
(because of coupled action whendelete
request gets dispatched)
-
-
Create new Vue component that: -
Fetches existing MR-approval rules -
Checks if 'License-Check' rule exists -
Displays status message -
Renders button that triggers modal -
Includes modal and passes relevant data to it (rules) -
Displays a loading state (TBD with UX)
-
-
Add new Vue component that wraps a gl-vuex-modal to ee/app/assets/javascripts/approvals/components/app.vue
-
Tweak ee/app/assets/javascripts/approvals/components/rule_form.vue
to:-
Accept new prop that allows to lock the approval-name and hides the corresponding input if it's value is not empty -
Contain a new slot for displaying additional information (help text) in the footer ( maybe
)
-
-
Tests
Documentation - person
@NicoleSchwartz
Product Management -This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.