E2E spec to test scan result policy integration with secure (!89758) · Merge requests · GitLab.org / GitLab

Harsha Muralidhar requested to merge hmuralidhar-scan-result-policies-spec into master Jun 10, 2022

What does this MR do and why?

This MR validates that on finding critical vulnerabilities in a pipeline run on a merge request, the MR is blocked from merging until approved as specified in a scan result policy

How to set up and validate locally

From QA directory run:

GITLAB_QA_ACCESS_TOKEN=<token> GITLAB_PASSWORD=<password> QA_DEBUG=true CHROME_HEADLESS=false bundle exec bin/qa Test::Instance::All http://192.168.1.105:3000 ./qa/specs/features/ee/browser_ui/13_secure/scan_result_policy_vulnerabilities_spec.rb

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jun 13, 2022 by Harsha Muralidhar

E2E spec to test scan result policy integration with secure

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports