Use bot avatar for security_policy_bot users
Why are we doing this work
Users of type security_policy_bot
can only be identified by name but it's not obvious if we only display the avatar like in the example below:
It would be nice to use a bot avatar for those users.
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
- [x] Update Security::Orchestration::CreateBotService
to add avatar
params to the user object
- [x] Assign avatar
to the user similar to that of security bot
- [x] Create a new avatar and add it to lib/assets/images/bot_avatars/
- [ ] Create a background migration to update the avatar image to existing security policy bot users
After the suggestion on this comment we decided to added a shared avatar for the security policy bot.
Verification steps
Scenario 1
- Existing project with a
GitLab Security Policy Bot
without the security policy bot avatar
- Go to the members page
- Search for the
GitLab Security Policy Bot
avatar - Verify the user has the default user avatar.
- Enable the feature flag
security_policy_bot_shared_avatar
- Verify the user has the
GitLab Security Policy Bot
avatar
Scenario 2
New project
- Create a new project
- Go to Secure > Policies
- Click on new policy
- Select Scan execution policy
- Add a name
- Click in Configure with a merge request
- Merge the policy
- Enable the feature flag
security_policy_bot_shared_avatar
- Go back to the project created on step 1
- Go to Manage > Members
- Search for the GitLab Security Policy Bot
- Verify the bot has the expected avatar and the avatar URL is the shared avatar image containing the path:
/assets/bot_avatars/security-bot
.
Edited by Marcos Rocha