Feature flag to enable License Scanning SBOM scanner
Why are we doing this work
We need a feature flag to roll out the License Scanning SBOM Scanner, and to enable it in specific projects before making it the default.
Further details
LicenseScanning.scanner_class
introduce in !105747 (merged) always returns the ArtifactScanner
. This needs to be change to return the SbomScanner
when the new feature flag is enabled.
Relevant links
-
LicenseScanning.scanner_class
: https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/gitlab/license_scanning.rb#L21 - Implementation of the SBOM Scanner: #384932 (closed)
Non-functional requirements
Implementation plan
-
Declare a new FF to enable License Scanning SBOM Scanner. -
Change LicenseScanning
to useSbomScanner
instead ofArtifactScanner
when the FF is enabled.
Verification steps
Check FF
- Enable FF for a specific project
- Use any License Scanning feature that's been refactored as part of Use License Scanning service (&8532 - closed).
- The backend should raise a
Not implemented
error (unless #384932 (closed) has been implemented).
Non-regression test
- Go to a projet where License Scanning has been configured, and that has License Scanning artifacts.
- Use any License Scanning feature that's been refactored as part of Use License Scanning service (&8532 - closed).
- Make sure that there's no regression.
Edited by Fabien Catteau