[FE] - Add a setting to toggle CVS feature in the Security configuration page
Proposal
As part of the rollout of Continuous Vulnerability Scans, we should add a setting to toggle the feature in the Security configuration page.
We currently target a Experiment
release so the setting should be off by default and the Experiment status should be explicited in the UI.
Then we can prepare another MR to turn this into a GA feature by removing the Experiment
mentions and making the setting on by default.
Backend Issue
Rough FE Implementation
-
In
app/assets/javascripts/security_configuration/components/feature_card.vue
addhasToggle
computed prop -
In
app/assets/javascripts/security_configuration/components/feature_card.vue
implementthis.feature.toggle
object -
In
app/assets/javascripts/security_configuration/components/constants.js
add toggle mutation -
Create toggle wrapper Vue component to contain Toggle logic OR consider taking the same approach done in
app/assets/javascripts/vue_shared/security_configuration/components/manage_via_mr.vue
when the button toggle event handler triggers the mutation. -
Either toggle wrapper or within
app/assets/javascripts/security_configuration/components/feature_card.vue
thehadToggle
block we can get the toggle status by defining it's state in the Security Configuration Presenter ruby object discussed below. -
In
app/assets/javascripts/security_configuration/components/constants.js
add feature.toggle object data. (Define which toggle component to use) -
The status can be provided via html-5 data attribute since we merge in the data with Client side settings Via augment features function
app/assets/javascripts/security_configuration/index.js
Configuration from HAML template
app/views/projects/security/configuration/show.html.haml
and
ee/app/views/projects/security/configuration/show.html.haml
Security Configuration Presenter
app/presenters/projects/security/configuration_presenter.rb
ee/app/presenters/ee/projects/security/configuration_presenter.rb
What we need from BE
- A graphQL mutation so we can trigger the enable/disable mutation.
- Add CVS enable/disable status to the Security Configuration presenters described above
Weight Estimation Logic
Since this area of the codebase is suppose to be re-usable/configurable, I proposed two approaches for implementing a toggle. The extra bump from 3 to 5 was to account for the possibility of back tracking if one solution proves to not be minimal viable change.