Add Sbom Survey Banner
What does this MR do and why?
This MR solves: https://gitlab.com/gitlab-org/gitlab/-/issues/344949
And it's all about this Banner:
sbomBanner |
---|
It introduces a new vue_shared component survey_banner
which is to be configured via props and will render a Banner like in the screenshot above.
Furthermore this new shared component is used to display the sbom Banner on the dependency list page, license compliance page, group and project security dashboards.
The Banner has a link, the ability to be dismissed (saved in LocalStorage) and the ability to be reminded in a given number of days.
It's currently behind the sbom_survey
feature flag roll out issue: #348181 (closed)
There is already another banner currently implemented which this shared banner is heavily influenced by (ee/app/assets/javascripts/security_dashboard/components/shared/survey_request_banner.vue
) the Usage of the survey_request_banner needs to be refactored to use the shared component as well. This effort is tracked in this follow-up Issue: #348190 (closed)
Note to reviewers: My apologies for this big MR. This couldn't really be avoided in this case. I did my very best to have a clean and reproducible commit history. It is highly recommended to review this commit after commit
Screenshots or screen recordings
dependency scanning | license compliance | security dashboard |
---|---|---|
How to set up and validate locally
- enable the
sbom_survey
feature flag rails c
Feature.enable(:sbom_survey)
- Watch out while testing, if you dismiss the banner for testing purposes, make sure to clear up Local Storage afterwards
key: sbom_survey_request
, if not the banner won’t be coming up on any other page. - check if the banner displays correctly on the
dependency list page
http://gitlab.localdev:3000/GROUP/
PROJECT/-/dependencies - check if the banner displays correctly on the
license compliance page
http://gitlab.localdev:3000/GROUP/
PROJECT/-/licenses - check if the banner displays correctly on the
project security dashboard
http://gitlab.localdev:3000/GROUP/
PROJECT/-/security/dashboard - check if the banner displays correctly on the
group security dashboard
http://gitlab.localdev:3000/groups/$GROUP/-/security/dashboard
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.