Skip to content

Add scan execution policies to the policy list

What does this MR do?

The policy list now also fetches scan execution policies and displays them along with network policies. This also renames a few things to better reflect the fact that we no longer display network policies only. The specs have been reorganized and cleaned up to make sure we only test relevant things, that no test-cases are duplicated, and that we only create a single wrapper per test case. We also now mount shallow wrappers when a full mount isn't necessary.

How to test this?

Since it is not yet possible to create scan execution policies, the easiest way to test this would be to mock one client-side:

diff --git a/ee/app/assets/javascripts/threat_monitoring/graphql/queries/scan_execution_policies.query.graphql b/ee/app/assets/javascripts/threat_monitoring/graphql/queries/scan_execution_policies.query.graphql
index 0b9a2e08e8a..9c3ba33ddf6 100644
--- a/ee/app/assets/javascripts/threat_monitoring/graphql/queries/scan_execution_policies.query.graphql
+++ b/ee/app/assets/javascripts/threat_monitoring/graphql/queries/scan_execution_policies.query.graphql
@@ -1,5 +1,5 @@
 query scanExecutionPolicies($fullPath: ID!) {
-  project(fullPath: $fullPath) {
+  project(fullPath: $fullPath) @client {
     scanExecutionPolicies {
       nodes {
         name
diff --git a/ee/app/assets/javascripts/threat_monitoring/index.js b/ee/app/assets/javascripts/threat_monitoring/index.js
index c2f007379e2..843980468f6 100644
--- a/ee/app/assets/javascripts/threat_monitoring/index.js
+++ b/ee/app/assets/javascripts/threat_monitoring/index.js
@@ -9,7 +9,27 @@ Vue.use(VueApollo);
 
 const apolloProvider = new VueApollo({
   defaultClient: createDefaultClient(
-    {},
+    {
+      Query: {
+        project: () => {
+          return {
+            __typename: 'Project',
+            scanExecutionPolicies: {
+              __typename: 'ScanExecutionPolicyConnection',
+              nodes: [
+                {
+                  __typename: 'ScanExecutionPolicy',
+                  name: 'Scan execution policy',
+                  yaml: 'some yaml',
+                  enabled: true,
+                  updatedAt: new Date(),
+                },
+              ],
+            },
+          };
+        },
+      },
+    },
     {
       assumeImmutableResults: true,
       cacheConfig: {

Screenshots (strongly suggested)

Before After
Screen_Shot_2021-06-24_at_8.16.27_AM Screen_Shot_2021-06-24_at_8.26.19_AM

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #333727 (closed)

Edited by Paul Gascou-Vaillancourt

Merge request reports

Loading