FF Cleanup Manual Test Checklist
Please add this manual test to all FF cleanup MRs:
:warning: Required Manual Check from a member of the TI team `@alexbuijs @darbyfrey @dpisek @sming-gitlab` :warning:
- [ ] Copy the checklist from this issue: https://gitlab.com/gitlab-org/gitlab/-/issues/478761+
- [ ] Paste the items as a comment in this MR
- [ ] Complete all the manual checks
Checklist
## Manual Test Checklist
Pick one of these demo projects to clone:
- https://staging.gitlab.com/govern-team-test/oxeye-rulez (recommended)
- https://gitlab.com/gitlab-examples/security/security-reports
- https://gitlab.com/gitlab-org/govern/threat-insights-demos/webgoat.net
**A. Vulnerability Explanation**
1. Click on a SAST vulnerability
2. Click on "Explain with AI"
3. It triggers the Duo Chat drawer, calling the `/vulnerability_explain` command
4. It successfully displays the AI response
- [ ] Verified
**B. Vulnerability Resolution**
1. Enable the FF `vulnerability_resolution_ga` (should already be on by default)
2. Click on a SAST vulnerability
For [high confidence CWE](https://docs.gitlab.com/ee/user/application_security/vulnerabilities/#availability):
3. It displays the button "Resolve with AI"
4. When clicked, it creates the AI generated MR
- [ ] Verified
For all other SAST:
3. It displays the button "Resolve with AI"
4. It is in a disabled state and has a "Learn more" link
- [ ] Verified
**C. Vulnerability Resolution (Experiment)**
1. Disable the FF `vulnerability_resolution_ga`
2. Click on a SAST vulnerability
3. It displays the experiment button "Resolve with merge request (experiment)"
4. When clicked, it creates the AI generated MR
- [ ] Verified
Screenshots (for reference)
Here are the screenshots expected from the manual tests:
- Vulnerability Explanation
- Vulnerability Resolution: for high confidence CWE, and for all other SAST
- Vulnerability Resolution (Experiment)
Edited by Samantha Ming