Skip to content

17.5 Duo Enterprise Testing Checklist

This checklist can be used to test the AI Vulnerability Explanation and Resolution for the Duo Enterprise testing requirements.

Reading Materials

License:

  • Both VE and VR belongs to the "Duo Enterprise" license.

Testing Steps

Feature Flags

All the necessary FF have already been enabled by default, so you shouldn't have to worry about this.

Setting Configuration

  1. Create a new group
  2. Clone projects:
  3. Group > Settings > General > Permissions and group features > Check "Use GitLab Duo features"

image

Vulnerability Explanation Expectation

  1. Click on a SAST vulnerability
  2. Click on "Explain with AI"
  3. It triggers the duo chat drawer calling the /vulnerability_explain command
  4. It successfully display the AI response
  5. Success

image

Vulnerability Resolution Expectation

  1. Click on a SAST vulnerability

For high confidence CWE:

  1. It displays the button "Resolve with AI"
  2. When clicked, it creates the AI generated MR
  3. Success

GA_VR

For all other SAST:

  1. It displays the button "Resolve with AI"
  2. It is in a disabled state and has a "Learn more" link
  3. Success
For high confidence CWE For all other SAST
image image
image -

Notes

  • AI features are for namespaces only, since individual users cannot be on an ultimate plan and/or buy add-ons. Therefore, you must clone the project within a group or namespace.
  • Since 17.3, both VE and VR are not longer "experiments" and therefore not tied to the "GitLab Duo experiment and beta features" setting.

Resources

Edited by Samantha Ming