Add frontend code for dependency list export
What does this MR do and why?
Add frontend code for dependency list export based on the APIs added as part of !106462 (merged)
Currently dependency list exporter isn't persisted and its endpoint is shared with regular fetching with the purpose of providing data to be populated by the frontend code.
Related issue: https://gitlab.com/gitlab-org/gitlab/-/issues/383060
The DB table was added as part of !104361 (merged)
The dependency_list_export
model was added as part of !104363 (merged)
The workers and services were added as part of !104365 (merged) Follow-up MR with frontend code: !104369 (merged)
Screenshots or screen recordings
Feature flag enabled
Feature flag disabled
Error message
How to set up and validate locally
-
As the target branch is from this MR, both branches must fetched.Not require anymore as the target branch has just been merged into master. -
Feature.enable(:dependency_list_exporter)
must be called viabundle exec rails c
. - If a project with dependencies is needed. Add the following files and their respective contents:
.gitlab-ci.yml
include:
- template: Security/Dependency-Scanning.gitlab-ci.yml
Gemfile.lock
PATH
remote: .
specs:
gcs (5.1.6)
console (~> 1.8)
term-ansicolor (~> 1.7)
terminal-table (~> 3.0)
thor (~> 1.0)
zeitwerk (~> 2.4)
GEM
remote: https://rubygems.org/
specs:
activesupport (6.1.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
zeitwerk (~> 2.3)
addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
ast (2.4.2)
binding_ninja (0.2.3)
climate_control (1.0.1)
coderay (1.1.3)
concurrent-ruby (1.1.9)
console (1.15.3)
fiber-local
crack (0.4.5)
rexml
diff-lcs (1.4.4)
ecma-re-validator (0.3.0)
regexp_parser (~> 2.0)
fiber-local (1.0.0)
gitlab-styles (6.2.1)
rubocop (~> 0.91, >= 0.91.1)
rubocop-gitlab-security (~> 0.1.1)
rubocop-performance (~> 1.9.2)
rubocop-rails (~> 2.9)
rubocop-rspec (~> 1.44)
hana (1.3.7)
hashdiff (1.0.1)
i18n (1.8.10)
concurrent-ruby (~> 1.0)
json_schemer (0.2.18)
ecma-re-validator (~> 0.3)
hana (~> 1.3)
regexp_parser (~> 2.0)
uri_template (~> 0.7)
minitest (5.14.4)
parallel (1.20.1)
parser (3.0.2.0)
ast (~> 2.4.1)
proc_to_ast (0.1.0)
coderay
parser
unparser
public_suffix (4.0.6)
rack (2.2.3)
rainbow (3.0.0)
rake (12.3.3)
regexp_parser (2.1.1)
rexml (3.2.5)
rspec (3.10.0)
rspec-core (~> 3.10.0)
rspec-expectations (~> 3.10.0)
rspec-mocks (~> 3.10.0)
rspec-core (3.10.1)
rspec-support (~> 3.10.0)
rspec-expectations (3.10.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.10.0)
rspec-mocks (3.10.2)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.10.0)
rspec-parameterized (0.5.0)
binding_ninja (>= 0.2.3)
parser
proc_to_ast
rspec (>= 2.13, < 4)
unparser
rspec-support (3.10.2)
rspec_junit_formatter (0.4.1)
rspec-core (>= 2, < 4, != 2.12.0)
rubocop (0.93.1)
parallel (~> 1.10)
parser (>= 2.7.1.5)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8)
rexml
rubocop-ast (>= 0.6.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 2.0)
rubocop-ast (1.8.0)
parser (>= 3.0.1.1)
rubocop-gitlab-security (0.1.1)
rubocop (>= 0.51)
rubocop-performance (1.9.2)
rubocop (>= 0.90.0, < 2.0)
rubocop-ast (>= 0.4.0)
rubocop-rails (2.9.1)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 0.90.0, < 2.0)
rubocop-rspec (1.44.1)
rubocop (~> 0.87)
rubocop-ast (>= 0.7.1)
ruby-progressbar (1.11.0)
single_cov (1.6.0)
sync (0.5.0)
term-ansicolor (1.7.1)
tins (~> 1.0)
terminal-table (3.0.2)
unicode-display_width (>= 1.1.1, < 3)
thor (1.2.1)
tins (1.31.1)
sync
tzinfo (2.0.4)
concurrent-ruby (~> 1.0)
unicode-display_width (1.7.0)
unparser (0.6.0)
diff-lcs (~> 1.3)
parser (>= 3.0.0)
uri_template (0.7.0)
webmock (3.13.0)
addressable (>= 2.3.6)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
zeitwerk (2.4.2)
PLATFORMS
ruby
DEPENDENCIES
climate_control (~> 1.0)
gcs!
gitlab-styles (~> 6.2.0)
json_schemer (~> 0.2.18)
rake (~> 12.0)
rspec (~> 3.0)
rspec-parameterized
rspec_junit_formatter
single_cov (~> 1.6)
webmock (~> 3.12)
RUBY VERSION
ruby 2.7.4p191
BUNDLED WITH
2.3.6
- Go to CI/CD > Pipelines.
- Click on Run Pipeline.
- After the pipeline has finished, go to Security & Compliance > Dependency List.
- Click on the export button which is located on the top right.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Approval Status
Scope | Approver | Status |
---|---|---|
UX | @philipjoyce |
|
documentation | @claytoncornell |
|
backend | @sgarg_gitlab |
|
backend maintainer | @engwan |
|
frontend | @vvempati |
|
frontend maintainer | @justin_ho |