Move tags from dast_scanner_profiles to dast_profile
What does this MR do and why?
In the Merge Request !104909 (merged) we added the table dast_profiles_tags
and in the MR !107521 (merged) we update the GraphQL api and the related mutations and services. However we realized that runner tags should be linked to the Dast::Profile
instead of the DastScannerProfile
.
This Merge Request adds the table dast_profiles_tags
and updates the related mutations and services.
The dast_scanner_profiles_tags
table will be removed in a follow-up MR.
Migrations
Add dast_profiles_tags
up
main: == 20230106184809 CreateDastProfilesTags: migrating ===========================
main: -- create_table(:dast_profiles_tags)
main: -> 0.0099s
main: == 20230106184809 CreateDastProfilesTags: migrated (0.0103s) ==================
down
main: == 20230106184809 CreateDastProfilesTags: reverting ===========================
main: -- drop_table(:dast_profiles_tags)
main: -> 0.0029s
main: == 20230106184809 CreateDastProfilesTags: reverted (0.0051s) ==================
This MR is part of issue #345430 (closed)
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Create a new DastProfile
with tags.
Update the tags of a DastScannerProfile
.
How to set up and validate locally
Create a new DastProfile with tags
- Go to
/-/graphql-explorer
- Get a
dastScannerProfile
, anddastSiteProfiles
ids - Type a query like
mutation dastProfileCreate($input: DastProfileCreateInput!) {
dastProfileCreate(input: $input) {
dastProfile {
id
editPath
tagList
}
pipelineUrl
errors
}
}
with a Query Variable like:
{
"input": {
"fullPath": "root/apiscantest",
"name": "Test TagList",
"dastSiteProfileId": "gid://gitlab/DastSiteProfile/16",
"dastScannerProfileId": "gid://gitlab/DastScannerProfile/6",
"tagList": ["ruby", "dast"]
}
}
- Check the result
{
"data": {
"dastProfileCreate": {
"dastProfile": {
"id": "gid://gitlab/Dast::Profile/8",
"editPath": "/root/apiscantest/-/on_demand_scans/8/edit",
"tagList": [
"dast",
"ruby"
]
},
"pipelineUrl": null,
"errors": []
}
}
}
Update the tags of a DastProfile
- Go to
/-/graphql-explorer
- Type a query like
mutation dastProfileUpdate($input: DastProfileUpdateInput!) {
dastProfileUpdate(input: $input) {
errors
dastProfile {
tagList
}
}
}
{
"input": {
"id": "gid://gitlab/Dast::Profile/8",
"name": "Test TagList",
"tagList": ["rails", "on-demand"]
}
}
- Check the result
{
"data": {
"dastProfileUpdate": {
"errors": [],
"dastProfile": {
"tagList": [
"on-demand",
"rails"
]
}
}
}
}
Run an on-demand scan
- Go to
/-/on_demand_scans#/saved
- Find the DastProfile scan created in the previous step.
- Click in
Run scan
. - Check the job created. It should have the
DastProfile
tags.
- Wait for the job to start. It should run on the runner with all
DastProfile
tags.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.