
Add frontend code for dependency list export

What does this MR do and why?

Add frontend code for dependency list export based on the APIs added as part of !106462 (merged)

Currently, the dependency list exporter isn't persisted, and its endpoint is shared with regular fetching, with the purpose of providing data to be populated by the frontend code.

Related issue: https://gitlab.com/gitlab-org/gitlab/-/issues/383060

The DB table was added as part of !104361 (merged)
The dependency_list_export model was added as part of !104363 (merged)
The workers and services were added as part of !104365 (merged)
Follow-up MR with frontend code: !104369 (merged)

Screenshots or screen recordings

Feature flag enabled

[Screenshot: exporting]

Feature flag disabled

[Screenshot: exporting_ff_disabled]

Error message

[Screenshot: Screen_Shot_2022-12-15_at_4.36.19_PM]

How to set up and validate locally

  1. As the target branch is from this MR, both branches must be fetched. Not required anymore, as the target branch has just been merged into master.
  2. Feature.enable(:dependency_list_exporter) must be called via bundle exec rails c.
  3. If a project with dependencies is needed, add the following files and their respective contents:

.gitlab-ci.yml

include:
  - template: Security/Dependency-Scanning.gitlab-ci.yml

Gemfile.lock

PATH
  remote: .
  specs:
    gcs (5.1.6)
      console (~> 1.8)
      term-ansicolor (~> 1.7)
      terminal-table (~> 3.0)
      thor (~> 1.0)
      zeitwerk (~> 2.4)

GEM
  remote: https://rubygems.org/
  specs:
    activesupport (6.1.4)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
      tzinfo (~> 2.0)
      zeitwerk (~> 2.3)
    addressable (2.8.0)
      public_suffix (>= 2.0.2, < 5.0)
    ast (2.4.2)
    binding_ninja (0.2.3)
    climate_control (1.0.1)
    coderay (1.1.3)
    concurrent-ruby (1.1.9)
    console (1.15.3)
      fiber-local
    crack (0.4.5)
      rexml
    diff-lcs (1.4.4)
    ecma-re-validator (0.3.0)
      regexp_parser (~> 2.0)
    fiber-local (1.0.0)
    gitlab-styles (6.2.1)
      rubocop (~> 0.91, >= 0.91.1)
      rubocop-gitlab-security (~> 0.1.1)
      rubocop-performance (~> 1.9.2)
      rubocop-rails (~> 2.9)
      rubocop-rspec (~> 1.44)
    hana (1.3.7)
    hashdiff (1.0.1)
    i18n (1.8.10)
      concurrent-ruby (~> 1.0)
    json_schemer (0.2.18)
      ecma-re-validator (~> 0.3)
      hana (~> 1.3)
      regexp_parser (~> 2.0)
      uri_template (~> 0.7)
    minitest (5.14.4)
    parallel (1.20.1)
    parser (3.0.2.0)
      ast (~> 2.4.1)
    proc_to_ast (0.1.0)
      coderay
      parser
      unparser
    public_suffix (4.0.6)
    rack (2.2.3)
    rainbow (3.0.0)
    rake (12.3.3)
    regexp_parser (2.1.1)
    rexml (3.2.5)
    rspec (3.10.0)
      rspec-core (~> 3.10.0)
      rspec-expectations (~> 3.10.0)
      rspec-mocks (~> 3.10.0)
    rspec-core (3.10.1)
      rspec-support (~> 3.10.0)
    rspec-expectations (3.10.1)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.10.0)
    rspec-mocks (3.10.2)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.10.0)
    rspec-parameterized (0.5.0)
      binding_ninja (>= 0.2.3)
      parser
      proc_to_ast
      rspec (>= 2.13, < 4)
      unparser
    rspec-support (3.10.2)
    rspec_junit_formatter (0.4.1)
      rspec-core (>= 2, < 4, != 2.12.0)
    rubocop (0.93.1)
      parallel (~> 1.10)
      parser (>= 2.7.1.5)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8)
      rexml
      rubocop-ast (>= 0.6.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 1.4.0, < 2.0)
    rubocop-ast (1.8.0)
      parser (>= 3.0.1.1)
    rubocop-gitlab-security (0.1.1)
      rubocop (>= 0.51)
    rubocop-performance (1.9.2)
      rubocop (>= 0.90.0, < 2.0)
      rubocop-ast (>= 0.4.0)
    rubocop-rails (2.9.1)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
      rubocop (>= 0.90.0, < 2.0)
    rubocop-rspec (1.44.1)
      rubocop (~> 0.87)
      rubocop-ast (>= 0.7.1)
    ruby-progressbar (1.11.0)
    single_cov (1.6.0)
    sync (0.5.0)
    term-ansicolor (1.7.1)
      tins (~> 1.0)
    terminal-table (3.0.2)
      unicode-display_width (>= 1.1.1, < 3)
    thor (1.2.1)
    tins (1.31.1)
      sync
    tzinfo (2.0.4)
      concurrent-ruby (~> 1.0)
    unicode-display_width (1.7.0)
    unparser (0.6.0)
      diff-lcs (~> 1.3)
      parser (>= 3.0.0)
    uri_template (0.7.0)
    webmock (3.13.0)
      addressable (>= 2.3.6)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
    zeitwerk (2.4.2)

PLATFORMS
  ruby

DEPENDENCIES
  climate_control (~> 1.0)
  gcs!
  gitlab-styles (~> 6.2.0)
  json_schemer (~> 0.2.18)
  rake (~> 12.0)
  rspec (~> 3.0)
  rspec-parameterized
  rspec_junit_formatter
  single_cov (~> 1.6)
  webmock (~> 3.12)

RUBY VERSION
   ruby 2.7.4p191

BUNDLED WITH
   2.3.6

  4. Go to CI/CD > Pipelines.
  5. Click on Run Pipeline.
  6. After the pipeline has finished, go to Security & Compliance > Dependency List.
  7. Click on the export button which is located on the top right.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Approval Status

Scope                 Approver          Status
UX                    @philipjoyce
documentation         @claytoncornell
backend               @sgarg_gitlab
backend maintainer    @engwan
frontend              @vvempati
frontend maintainer   @justin_ho
Edited by Zamir Martins
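For the local validation steps above, one way to check that an exported dependency list covers everything the sample Gemfile.lock resolves. This is an added example, not code from the MR or from GitLab. The lockfile text is a constructed excerpt of the file above, and the helper names and the name/version row shape of the export are assumptions.

```ruby
# Added example, not GitLab code: list the gems a Gemfile.lock resolves and
# report the ones a dependency list export does not contain.
# Constructed excerpt of the Gemfile.lock shown in the setup steps.
SAMPLE_LOCKFILE = <<~LOCK
  PATH
    remote: .
    specs:
      gcs (5.1.6)
        console (~> 1.8)
        thor (~> 1.0)

  GEM
    remote: https://rubygems.org/
    specs:
      console (1.15.3)
        fiber-local
      fiber-local (1.0.0)
      thor (1.2.1)

  DEPENDENCIES
    gcs!
    rake (~> 12.0)
LOCK

# Returns { gem name => resolved version } for every entry under a "specs:" block.
def locked_gems(lockfile_text)
  gems = {}
  in_specs = false
  lockfile_text.each_line do |line|
    line = line.chomp
    if line =~ /\A\S/ || line.strip.empty?
      in_specs = false # a new top-level section or a blank line ends the block
    elsif line == "  specs:"
      in_specs = true
    elsif in_specs && (m = line.match(/\A {4}(\S+) \(([^)]+)\)\z/))
      gems[m[1]] = m[2] # exactly four spaces: a resolved gem, not a constraint
    end
  end
  gems
end

# `exported` is assumed to be an array of { "name" => ..., "version" => ... }
# rows (hypothetical shape; adapt it to the real export file).
def missing_from_export(lockfile_text, exported)
  seen = exported.map { |row| [row["name"], row["version"]] }
  locked_gems(lockfile_text).reject { |name, version| seen.include?([name, version]) }
end
```

Transitive gems such as fiber-local appear only under `specs:`, never under `DEPENDENCIES`, so comparing against the spec list is what catches an export that lists direct dependencies only.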
