Security Configuration page never shows info alert about Auto DevOps, and Configuration history link is erroneously shown

Summary

The Security Configuration page never prompts about Auto DevOps being available, even when it is. Also, the Configuration history link is still displayed in these situations, even though it shouldn't be, since for Auto DevOps to be enabled, the project must not have a .gitlab-ci.yml file.

That is, this alert is never displayed:

[Image: the Auto DevOps info alert]

This applies to both the old Security Configuration page design and the new one.

Steps to reproduce

  1. Find or create a project under the Ultimate tier.
  2. Make sure you are allowed to enable Auto DevOps for this project (being its owner should be more than sufficient).
  3. Make sure Auto DevOps is not enabled for the project.
  4. Make sure the project has a repository that does not contain a .gitlab-ci.yml file.
  5. Go to Security & Compliance > Configuration.
  6. Observe the alert is not shown.
  7. Observe Configuration history link is shown, and clicking it results in a 404, since there's no .gitlab-ci.yml file.

Example Project

n/a - better to create your own.

What is the current bug behavior?

No alert is displayed.

What is the expected correct behavior?

The alert should be displayed.

Relevant logs and/or screenshots

Output of checks

This bug happens on GitLab.com

Possible fixes

This line is incorrect. It should check whether a .gitlab-ci.yml file exists in the repository, rather than just checking that the project is configured to use the default path for the CI file.

I think this behaviour was broken in !54498 (merged).

The specs for the Security::ConfigurationPresenter should be updated to correctly test this behaviour as well.

Implementation plan

  1. See this MR for a starting point

  2. Update ee/app/presenters/projects/security/configuration_presenter.rb to rely on the presence of an actual .gitlab-ci.yml file in the repository instead of the current logic which only checks whether the custom ci_config_path option is blank or set to .gitlab-ci.yml:

              latest_pipeline_path: latest_pipeline_path,
              auto_fix_enabled: autofix_enabled,
              can_toggle_auto_fix_settings: auto_fix_permission,
    -         gitlab_ci_present: project.uses_default_ci_config?,
    +         gitlab_ci_present: project.repository.gitlab_ci_yml,
              gitlab_ci_history_path: gitlab_ci_history_path,
              auto_fix_user_path: '/' # TODO: real link will be updated with https://gitlab.com/gitlab-org/gitlab/-/issues/215669
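
    Review bot: on the `+` line, `gitlab_ci_present` is assigned whatever object `project.repository.gitlab_ci_yml` returns rather than a boolean, although the key name reads as a flag. Coerce it to true/false before it is serialized for the frontend (for example through a predicate method on the project) so the page gets a stable value and the spec can assert on `true`/`false`. The unchanged `gitlab_ci_history_path` line is still emitted regardless of whether the file exists, so please confirm the history link is gated on `gitlab_ci_present`; otherwise the 404 described in the reproduction steps can still be reached.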

    Rather than accessing project.repository.gitlab_ci_yml directly from within configuration_presenter.rb, we'll probably want to create a method in app/models/project.rb such as gitlab_ci_present?, which returns project.repository.gitlab_ci_yml.

  3. Ensure the above change doesn't have any negative performance impacts, since we're switching from a simple database lookup to a file system lookup via git. There probably shouldn't be any concerns since I don't think this page is a high traffic area, and the value from git should be cached, but this should be confirmed.

  4. Fix all tests broken by the above changes

Edited by Adam Cohen